home

tfClient.exe

ToxicClient

Tera information Technology co.Ltd

Publisher:
Tera information Technology co.Ltd  (signed and verified)

Product:
ToxicClient

Version:
1.00

MD5:
70e4eaa2f2cdb341b72ded465fc05f0d

SHA-1:
2379d8303a31499b94fd3f5d3ad9db0447d4dd0d

SHA-256:
b2b12f1e111085b78147f341df63ad963994bef5e99be236256840a0adfeb29d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 6:38:17 PM UTC  (today)

File size:
1.4 MB (1,473,400 bytes)

Product version:
1.00

Original file name:
tfClient.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\tfclient.exe

Digital Signature
Signed by:
Tera information Technology co.Ltd

Authority:
thawte, Inc.

Valid from:
12/27/2014 9:00:00 AM

Valid to:
2/26/2016 8:59:59 AM

Subject:
CN=Tera information Technology co.Ltd, O=Tera information Technology co.Ltd, L=Pohang-si, S=Gyeongsangbuk-do, C=KR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
03A26DC2EB062E6237FCA48CCA93A67A

File PE Metadata
Compilation timestamp:
7/11/2015 10:14:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:mDOvAHDVLPxYdg31xAYe/Zd2nAjeoJ3xm9W56kcpKH9yd+AID:mDNhiXx

Entry address:
0x12244

Entry point:
68, 90, 57, 43, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 30, 45, 5C, C1, 33, 01, BF, 46, B5, 86, BA, FE, 64, 29, 3A, CE, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 42, 42, 38, 32, 2D, 50, 72, 6F, 6A, 65, 63, 74, 00, 00, 00, 00, 00, FF, CC, 31, 00, 3E, E5, 8F, B3, 5A, 02, A0, 6E, 4B, AF, 6A, 59, 31, 21, 1F, 84, A0, 8D, 75, F5, 79, 14, 49, 8F, 45, 9D, FE, 1D, E7, 7D, FC, F9, EB, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 
[+]

Entropy:
6.5361

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
1.4 MB (1,454,080 bytes)

Scan tfClient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.