home

ToToBrowser.exe

ToToBrowser 응용 프로그램

TOTOROSA Co., Ltd.

Publisher:
TOTOROSA Co., Ltd.  (signed and verified)

Product:
ToToBrowser 응용 프로그램

Version:
3, 0, 0, 2

MD5:
c32242bd7032334b0f9b7882960556f4

SHA-1:
7a4c1dd681b0ea69a1159986d64c87e69de1aa0a

SHA-256:
7d47b3c4183d7fccabd393f1370da8a52a9d0fa34731864a40beecd85efd378f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 7:35:24 AM UTC  (today)

File size:
22.3 MB (23,362,384 bytes)

Product version:
3, 0, 0, 2

Copyright:
Copyright (c) - 2004

Original file name:
ToToBrowser.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\totobrowser\totobrowser.exe

Digital Signature
Signed by:
TOTOROSA Co., Ltd.

Authority:
thawte, Inc.

Valid from:
4/22/2015 9:00:00 AM

Valid to:
6/21/2017 8:59:59 AM

Subject:
CN="TOTOROSA Co., Ltd.", OU=IT Team, O="TOTOROSA Co., Ltd.", L=Jung-gu, S=Incheon, C=KR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
44661CED06AE422B28F2C978FDC63712

File PE Metadata
Compilation timestamp:
8/10/2016 1:44:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:I+XEto2hRr3vLVgWIVB8d33OQG2NHr/3ZvH+RHD51DFR:UL3rfLVgWIVB8l+QG2NHL3ZviHF1Db

Entry address:
0x1FD564

Entry point:
E8, 65, E2, 00, 00, E9, 78, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 68, B3, 6B, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 68, B3, 6B, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Entropy:
4.8418

Code size:
2.2 MB (2,330,112 bytes)

The file ToToBrowser.exe has been seen being distributed by the following 2 URLs.

http://bd-09-fhs079.ktsh.co.kr/dav/totodisk05/.../ToToBrowser.exe

http://bd-09-fhs037.ktsh.co.kr/dav/totodisk05/.../ToToBrowser.exe

Scan ToToBrowser.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.