» translateclientportable.exe
Overview
Analysis
File Details
Downloads (2)

translateclientportable.exe

TranslateClientPortable

Alexey ILJIN

This is a setup program which is used to install the application. The file has been seen being downloaded from www.downloadcrew.com and multiple other hosts.

File name:

Publisher:

Alexey ILJIN

Product:

TranslateClientPortable

Version:

6.02.0620

MD5:

7461bbba7275bd50cac1b9b3f475caee

SHA-1:

d998a36570331b531f588f2b8b1a6375a217f6cf

SHA-256:

6b092a4bfce045738e17caa514da3106c98d03a03a96efdb7b54001d9d56c78a

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/20/2024 12:45:45 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Packed

1.3.0.6267

File size:

1.7 MB (1,800,606 bytes)

Product version:

6.02.0620

Original file name:

translateclient.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\client.translate\translateclientportable.exe

File PE Metadata

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

49152:KYySmS9s2IDK2JeOzUkbxqjoKDCrpCssVwyfBWvV:xmj3DK2JlRbkafszpgV

Entry address:

0x4229

Entry point:

55, 8B, EC, 83, E4, F8, 81, EC, A4, 0C, 00, 00, 53, 56, 57, E8, 68, FB, FF, FF, FF, 15, 40, 00, 5B, 00, 83, E0, 11, 33, DB, 3D, 11, 01, 00, 00, 0F, 84, 45, 03, 00, 00, 8D, 44, 24, 28, 50, 53, FF, 15, 10, 00, 5B, 00, E8, E2, FB, FF, FF, 59, E8, 57, FC, FF, FF, 8B, C8, 2B, 0D, 0C, 50, 40, 00, 6A, 03, 33, D2, 8B, C1, 5E, BF, 00, 80, FF, FF, F7, F6, 85, CF, 0F, 85, F3, 01, 00, 00, 89, 9C, 24, 94, 08, 00, 00, 66, 89, 9C, 24, 80, 04, 00, 00, 89, 9C, 24, 7C, 04, 00, 00, 66, 89, 5C, 24, 68, E8, 19, FC, FF, FF, 8B... 
[+]

Entropy:

7.9969

Developed / compiled with:

Microsoft Visual C++

Code size:

16 KB (16,384 bytes)

The file translateclientportable.exe has been seen being distributed by the following 2 URLs.

http://www.downloadcrew.com/?act=software.download&id=30373&t=1477107367&c=67d9310b7704d2483b4e5a636616afe8a178da66

http://translateclient.com/TranslateClientPortable.exe

Scan translateclientportable.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.