home

swap encryptdecrypt.exe

EncryptDecrypt

Prive

Publisher:
Prive

Product:
EncryptDecrypt

Version:
1.00

MD5:
8209d6c9e849981e0457e837e514d3e8

SHA-1:
60373ec10101741bdf1a33346565f2f0a5d627ec

SHA-256:
6957cf476a6c7a4b5815b99814710edd94066bec152ec294ee100f54c4643eb8

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 1:52:55 PM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
8.14.12.00

File size:
52 KB (53,248 bytes)

Product version:
1.00

Original file name:
EncryptDecrypt.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish (Spain, International Sort)

File PE Metadata
Compilation timestamp:
5/15/2012 2:38:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:/73SdRtxaSJXD9f5o7NhCuGDVkuCecOKLjyhbVs3:/wtoMXpB3D2lecOKvyxV

Entry address:
0x1484

Entry point:
68, A8, 29, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 4C, EB, 2F, E0, DA, BA, 39, 46, A9, 43, D7, 0A, E1, A6, 16, A9, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 78, 74, 28, 44, 65, 63, 45, 6E, 63, 72, 79, 70, 74, 44, 65, 63, 72, 79, 70, 74, 00, 28, 00, 00, 00, 00, FF, CC, 31, 00, 15, 5C, 86, 8A, C7, 93, E5, 7D, 43, A6, B9, 25, 34, B1, 55, 6A, D2, 4B, D3, 22, 46, 19, AE, 33, 40, 80, 18, CB, 3B, 6A, 8D, 03, 48, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
5.1422

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
40 KB (40,960 bytes)

The file swap encryptdecrypt.exe has been seen being distributed by the following URL.

https://docviewer.yandex.com.tr/source?id=1ld2b-82zxdy2oaqktot8l4pkuikcd231ogov40h44ocat5g84i3kycr1lfohre5042nybsq0oyd5oaz9zt4p3wq9nsphuz8kms66nzx6&archive-path=//ENCRYPT DECRYPT TOOLS/ENCRYPT DECRYPT TOOLS/.../ZAZyF6ZEbI7w==&name=Encrypt Decrypt Tools - Komega.rar

Scan swap encryptdecrypt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.