home

SLCleanCabFiles.exe

Skyline DataMiner

Skyline Communications

Publisher:
Skyline Communications  (signed and verified)

Product:
Skyline DataMiner

Description:
Skyline Clean CAB Files Tool

Version:
7.5.1304.2

MD5:
07be35d43377a197c7a5956be1a94fb8

SHA-1:
f9d41d0ce6d50fa721c784d9b806f68de2c79cac

SHA-256:
57f1428c8a890a4a8489d4e17e8164cb0d703ef8d5ca3f2222fc2e4127209e81

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:55:52 PM UTC  (today)

File size:
43.6 KB (44,696 bytes)

Product version:
7.5.1304.2

Copyright:
Copyright © 2001-2013 Skyline Communications

Original file name:
SLCleanCabFiles.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\slcleancabfiles.exe

Digital Signature
Signed by:
Skyline Communications

Authority:
Skyline Communications Root CA

Valid from:
5/16/2007 4:06:51 AM

Valid to:
12/31/2039 5:59:59 PM

Subject:
CN=Skyline Communications

Issuer:
CN=Skyline Communications Root CA

Serial number:
C2AA377642174FA6413F4B6D0E48B528

File PE Metadata
Compilation timestamp:
1/24/2013 3:16:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:d3bfw8YCdQwcXOA9C2T17llzlzoyrTR8UWK2IXWmylHaeF93M8OYN1bytX3jdKeD:d3c8YY2T3d/I6yl6c2YN1byp35b19z

Entry address:
0x8C7E

Entry point:
FF, 25, 00, 20, 00, 11, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.8324

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
28 KB (28,672 bytes)

The file SLCleanCabFiles.exe has been seen being distributed by the following 2 URLs.

http://200.52.196.168/.../getTool.aspx?name=SLCleanCabFiles

http://200.52.196.169/.../getTool.aspx?name=SLCleanCabFiles

Scan SLCleanCabFiles.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.