» splashtop_business_win_v3.0.2.1.exe
Overview
Analysis
File Details
Downloads (1)

splashtop_business_win_v3.0.2.1.exe

Splashtop Business

Splashtop Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from d17kmd0va0f0mp.cloudfront.net.

File name:

Publisher:

Splashtop Inc. (signed and verified)

Product:

Splashtop Business

Version:

3.02.7.5768

MD5:

49711ef6baefbb461df582ca957322fc

SHA-1:

7e480e258854ca25b7dca59ddb8ca3b7267df20b

SHA-256:

be296f721b31dab282106e00028132030c29e965a3d3ba725fd0dbed4d086ba5

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/23/2024 5:56:30 PM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Win.Trojan.Win32-2

0.98/21511

IKARUS anti.virus

Trojan.Patched

t3scan.1.9.5.0

File size:

11.8 MB (12,332,800 bytes)

Product version:

3.0.2.1

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\splashtop_business_win_v3.0.2.1.exe

Digital Signature

Signed by:

Splashtop Inc.

Authority:

Symantec Corporation

Valid from:

9/20/2015 8:00:00 PM

Valid to:

12/20/2017 6:59:59 PM

Subject:

CN=Splashtop Inc., O=Splashtop Inc., L=San Jose, S=California, C=US

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

7A70012DFCB7B3BC1770BAB83A4DCA7D

File PE Metadata

Compilation timestamp:

11/6/2015 1:36:31 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:S6PN+z444644Pqej2BVg9mB9cNyiGM8Y0IL9HFuNhx8R0Mcw7ov8AMLmExhf2wmE:/PKO0mXIy3MMIL9HFRR0670SuwmJ72se

Entry address:

0x10073

Entry point:

E8, FB, 54, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, D0, 1C, 43, 00, 75, 02, F3, C3, E9, 7D, 55, 00, 00, 8B, FF, 51, C7, 01, FC, A4, 42, 00, E8, 75, 56, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, F4, 29, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, AE, 56, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84... 
[+]

Entropy:

7.8406 (probably packed)

Code size:

153 KB (156,672 bytes)

The file splashtop_business_win_v3.0.2.1.exe has been seen being distributed by the following URL.

http://d17kmd0va0f0mp.cloudfront.net/winclient/.../Splashtop_Business_Win_v3.0.2.1.exe

Scan splashtop_business_win_v3.0.2.1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.