home

_start.exe

_geolib

Eversim

Publisher:
Eversim  (signed and verified)

Product:
_geolib

Description:
_geolib

Version:
1, 0, 0, 1

MD5:
e50d0b172f0572fecf56933bbfec2fd9

SHA-1:
ba610b05ad89aafeab75434584ea7d647231c66f

SHA-256:
1cd7f2e950005e757a4a82d3af633291a34e58054c604d90b7700edac7c1390f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 9:13:28 PM UTC  (today)

File size:
6.4 MB (6,689,880 bytes)

Product version:
6, 29, 0, 0

Copyright:
Copyrights by Eversim - All rights reserved

Original file name:
_geolib.rc

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\power & revolution (japanese)\_start.exe

Digital Signature
Signed by:
Eversim

Authority:
COMODO CA Limited

Valid from:
2/3/2017 9:00:00 AM

Valid to:
2/4/2020 8:59:59 AM

Subject:
CN=Eversim, O=Eversim, STREET=13 Place des Libertés Publiques, STREET=Immeuble Le Mandinet II - Bat B, L=Lognes, S=Ile de France, PostalCode=77185, C=FR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F60BFE5F024303FD69D033FD5651E9F9

File PE Metadata
Compilation timestamp:
2/14/2017 2:29:27 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x4D27E000

Entry point:
EB, 04, C0, B9, 33, 07, 50, EB, 05, F0, 1B, 83, 3B, D5, E8, 14, 00, 00, 00, EB, 03, 67, BB, 37, EB, 03, 2B, 05, 7A, 33, C0, 7B, 40, 71, 59, EB, 02, 30, A8, EB, 05, 8B, AF, EB, 1E, 3E, B8, 07, 48, 0E, F7, EB, 02, C6, F0, EB, 01, 67, 05, F9, B7, F1, 08, EB, 05, 30, 25, BE, 65, 03, 75, 34, EB, 01, 84, 64, FF, 30, EB, 02, BA, 2B, 64, 89, 20, EB, 05, C7, CF, E8, A8, DE, EB, 02, 63, 43, 8B, 10, EB, 01, 26, 64, 8F, 00, EB, 02, 32, 90, 83, C4, 04, EB, 01, 76, 58, EB, 02, 3D, 98, C3, EB, 02, 22, 81, EB, 03, 35, 36...
 
[+]

Entropy:
7.9999  (probably packed)

Code size:
13.2 MB (13,843,968 bytes)

Scan _start.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.