home

Tific.EXE

Tific Digital Support System

Microsoft Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘TiFiC’.
Publisher:
Tific  (signed by Microsoft Corporation)

Product:
Tific Digital Support System

Description:
Tific Client

Version:
8.4.$WCREV$.0

MD5:
559afca9f18e6b4b7c697dc9a6263d5d

SHA-1:
10ae38dc8f530caa206e8f78004f9e8d9f761c3b

SHA-256:
e917690aea27c639bcfb2760da4a756625ec42b4037df37ccc001fcd626072be

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
4/25/2024 2:16:56 PM UTC  (today)

File size:
5.3 MB (5,574,024 bytes)

Product version:
8.4.0.0

Copyright:
Copyright (C) 2010

Original file name:
Tific.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\tific\tific client g1\tific.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
MSIT Enterprise CA 1

Valid from:
9/26/2012 4:05:29 AM

Valid to:
9/26/2013 4:05:29 AM

Subject:
CN=Microsoft Corporation (Internal Use Only), OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=MSIT Enterprise CA 1

Serial number:
1A54031600020131A3A4

File PE Metadata
Compilation timestamp:
1/18/2013 5:32:28 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:Ie4in2QnnofeVw4LWNsBf6KCSkH9xZOXymz/ibf+zGntrdNq6Z22ihw5lUohxoxu:Ie4i2Yo6ANtWyTGKtrdNq6AFOe5Kr

Entry address:
0x2D3E7D

Entry point:
E8, FB, D2, 00, 00, E9, 89, FE, FF, FF, 3B, 0D, 20, 3D, 8F, 00, 75, 02, F3, C3, E9, 82, D3, 00, 00, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, 9C, E4, 7B, 00, 57, FF, 35, CC, 20, 91, 00, FF, D6, FF, 35, C8, 20, 91, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, E9, BB, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF, 75, FC, E8, B5, D4, 00, 00, 59, 59, 85...
 
[+]

Entropy:
6.5497

Code size:
3.7 MB (3,918,848 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TiFiC

Command:
"C:\Program Files\tific\tific client g1\tific.exe" \systray \hide \onlinecheck \wait 60 \deflang "english" \server ms.tific.com \target ms \silent_offline \s \https \silent


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.