home

Restorator.exe

SF IE Troubleshoot Beta

Captain Jack

This is a setup program which is used to install the application. The file has been seen being downloaded from md0svw-bn1305.files.1drv.com and multiple other hosts.
Publisher:
Captain Jack

Product:
SF IE Troubleshoot Beta

Version:
1.0.0.0

MD5:
66c52e82ca65e17ad34c438e765839be

SHA-1:
474c94400cbb6ae19494f1117cb87cd90d8daf4d

SHA-256:
01c980c030501d60c2f440b8afa4830391f56bcbc9c3f24ce0164013eaa8c765

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 7:12:52 AM UTC  (today)

File size:
125.5 KB (128,512 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2010

Trademarks:
Copyright © Seven Forums

Original file name:
SF IE Restorator.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

File PE Metadata
Compilation timestamp:
7/17/2010 7:08:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:pNSELf/ku/MuDTK6s1C8/zFQrdKjmP6Jt6NHlqy2nnJYY/ku/MuDTK6:pN/Lf//wsmZaK/JtUlqrnOY//

Entry address:
0x1A2DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
97 KB (99,328 bytes)

The file Restorator.exe has been seen being distributed by the following 2 URLs.

https://md0svw-bn1305.files.1drv.com/.../IE Restorator.exe

http://www.sevenforums.com/attachments/.../85751d1279346884-sf-ie-restorator-troubleshooting-general-issues-ie-sf-ie-restorator.exe

Scan Restorator.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.