home

Sophia.exe

Sophia

Cytotrade, spol. s r.o.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.sophiatesting.com.
Publisher:
Cytotrade  (signed by Cytotrade, spol. s r.o.)

Product:
Sophia

Version:
3.20.0.0

MD5:
8a495f2af2951e3a506815ce8207507c

SHA-1:
e704e39a94c2d6a71405f522a17fee768ae2d88d

SHA-256:
fa5b38bb767e44f7e03838bb59ec9c0ce26f2dfda050e7b3cd3b5ccde1feeab0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 5:30:38 PM UTC  (today)

File size:
33.3 MB (34,965,824 bytes)

Product version:
3.20.0.0

Copyright:
Copyright © 2016 Cytotrade

Original file name:
Sophia.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
Cytotrade, spol. s r.o.

Authority:
COMODO CA Limited

Valid from:
8/28/2013 2:00:00 AM

Valid to:
8/29/2018 1:59:59 AM

Subject:
CN="Cytotrade, spol. s r.o.", O="Cytotrade, spol. s r.o.", STREET=Revova 20, L=Bratislava, S=Bratislava, PostalCode=81102, C=SK

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FF920D8F34B2E5F882E57430B05440C6

File PE Metadata
Compilation timestamp:
11/3/2016 4:19:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
786432:eeNjCv7sWJJy0xnLiZUqLQhWr0IkGwm5hd40uRIhqAK7Z:ee8vg6n+qqMfbm5P40u+hpCZ

Entry address:
0x202190

Entry point:
FF, 25, 80, 21, 60, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, 71, DE, AD, 01, 7B, 7A, 7D, 01, 00, 12, B1, 01, B3, AC, 1C, 00, FF, FF, 1F, 00, EC, BD, 05, 40, 15, DD, D6, 3F, 3C, 74, 23, 8D, A4, 87, 14, 11, 14, 10, 10, 41, A5, E3, 80, 34, 22, 88, 82, 34, 48, B7, A2, 22, 25, A5, 74, 77, 23, DD, DD, 1D, 02, D2, DD, A0, 74, 49, 48, 48, 7C, 73, 30, AE, F7, B9, 3E, 3E, F7, BD, F7, FD, BF, F5, 9D, 1F, 33, 67, F6, D9, B1, 66, AD, BD, D7, CC, DE, BF...
 
[+]

Code size:
33.3 MB (34,948,096 bytes)

The file Sophia.exe has been seen being distributed by the following URL.

http://www.sophiatesting.com/.../Sophia.exe

Scan Sophia.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.