home

symformnodenew.exe

Symform Device Software

Symform, Inc.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from download.symform.com.
Publisher:
Symform, Inc.  (signed and verified)

Product:
Symform Device Software

Version:
4.2.0.0

MD5:
a9583397955d145e36e23043dadc9fed

SHA-1:
e349e229ca504bb716030b31195f021ec90b55eb

SHA-256:
0008e0edfbee4a096b88359b7e319c2eea78ceaf19ae45b63cd2b6a2afed97d3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 2:33:30 PM UTC  (today)

File size:
6.1 MB (6,374,384 bytes)

Copyright:
Symform, Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Digital Signature
Signed by:
Symform, Inc.

Authority:
COMODO CA Limited

Valid from:
5/25/2012 3:00:00 AM

Valid to:
5/26/2015 2:59:59 AM

Subject:
CN="Symform, Inc.", O="Symform, Inc.", STREET=1008 Western Ave, STREET=Ste 400, L=Seattle, S=WA, PostalCode=98104, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
6077B71FB561468C5AE0A4F39BF8D450

File PE Metadata
Compilation timestamp:
11/17/2007 4:35:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:QgFyalwIh7uQ6rJ0wtXmGuerVLVC0rofJsMm5lzyATYi55Ng:QMyalwIh7uQg2wpOYZVBMJS5ZySPm

Entry address:
0x30ED

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, C0, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 78, EC, 42, 00, E8, D4, 2A, 00, 00, A3, C4, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, F8, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, B4, 91, 40, 00, 68, C0, E3, 42, 00, E8, 8B, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 79, 27, 00, 00...
 
[+]

Entropy:
7.9927

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file symformnodenew.exe has been discovered within the following program.

360Amigo System Speedup Free  by 360Amigo
360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file symformnodenew.exe has been seen being distributed by the following URL.

http://download.symform.com/control/current/.../SymformNodeNew.exe

Scan symformnodenew.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.