» tmp0000d992
Overview
Analysis
File Details

tmp0000d992

Exploit Tester

Threatstar B.V.

File name:

tmp0000d992

Publisher:

Threatstar B.V. (signed and verified)

Product:

Exploit Tester

Description:

Exploit Tester Support Library

Version:

2.0.0.1

MD5:

2aa449eead697cb14f750dee1c57b12c

SHA-1:

81df2680ab9fbca55d239f7d88d548ba3a520ae8

SHA-256:

215321321561d1bc479e6966754b07f1ec667502146f478805aed8f30055d882

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/28/2024 11:34:35 AM UTC (today)

File size:

236.3 KB (241,960 bytes)

Product version:

2.0.0.1

Original file name:

hmpalert-test.dll

Language:

Olandese (Paesi Bassi)

Common path:

C:\windows\temp\tmp00006aac\tmp0000d992

Digital Signature

Signed by:

Threatstar B.V.

Authority:

VeriSign, Inc.

Valid from:

12/2/2014 1:00:00 AM

Valid to:

12/2/2016 12:59:59 AM

Subject:

CN=Threatstar B.V., O=Threatstar B.V., L=Hengelo, S=Overijssel, C=NL

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6EE1A0DD2DBE38046F9B31F833645FCE

File PE Metadata

Compilation timestamp:

2/25/2016 3:28:44 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

3072:cTusn0XJL5CIDAcS23kvKfCn/uBPI54GC7rQd2XOp8nyXqrEFtSgL2M5kt:coZsIDZSekvKe2t5O+sFtV5kt

Entry address:

0x6180

Entry point:

55, 8B, EC, 51, 8B, 45, 0C, 89, 45, FC, 83, 7D, FC, 03, 77, 62, 8B, 4D, FC, FF, 24, 8D, 00, 62, 00, 10, E8, 05, B2, 00, 00, 8B, 55, 10, 52, 8B, 45, 0C, 50, 8B, 4D, 08, 51, E8, 72, B4, 00, 00, 85, C0, 75, 04, 33, C0, EB, 3F, 8B, 55, 08, 89, 15, E0, 8B, 03, 10, E8, 4A, FF, FF, FF, EB, 2A, 33, C0, EB, 2B, 8B, 45, 10, 50, 8B, 4D, 0C, 51, 8B, 55, 08, 52, E8, 45, B4, 00, 00, EB, 18, 8B, 45, 10, 50, 8B, 4D, 0C, 51, 8B, 55, 08, 52, E8, 32, B4, 00, 00, EB, 05, B8, 01, 00, 00, 00, 8B, E5, 5D, C2, 0C, 00, 0F, 1F, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

141.5 KB (144,896 bytes)

Scan tmp0000d992 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.