home

translationtool.exe

MD5:
b9092bf6fd0dcb914c2b54f35313fe59

SHA-1:
0f592fa6085f5af65393f35eae78dd926a449882

SHA-256:
cb006ee2d775f84a4cbab04b6ac2fff3bd6bcc6b3b63bfe6e22af6c72269f7d1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 6:30:40 AM UTC  (today)

File size:
1.3 MB (1,382,400 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/4/2015 2:50:38 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:FZVcyWBqEFhPYyVC72P/FyBOcg6jI0UhTBZHQHmTXCnKJ5uCbEvVCppp4ppppa4u:IFFhPYOC9TGVT005tENCppp4ppppa48t

Entry address:
0x105DA8

Entry point:
55, 8B, EC, 83, C4, F0, B8, A0, 40, 50, 00, E8, D8, 2A, F0, FF, A1, C0, F3, 50, 00, 8B, 00, E8, 18, 46, FD, FF, A1, C0, F3, 50, 00, 8B, 00, B2, 01, E8, 62, 61, FD, FF, 8B, 0D, F8, F4, 50, 00, A1, C0, F3, 50, 00, 8B, 00, 8B, 15, 1C, F3, 4F, 00, E8, 0A, 46, FD, FF, A1, C0, F3, 50, 00, 8B, 00, E8, 4E, 47, FD, FF, E8, 4D, F4, EF, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, 13, 8B, C0, 02, 00, 8B, C0...
 
[+]

Entropy:
6.7008

Developed / compiled with:
Microsoft Visual C++

Code size:
1 MB (1,065,472 bytes)

The file translationtool.exe has been seen being distributed by the following URL.

http://testdemo.iobit.com/TranslationTool.exe

Scan translationtool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.