home

twister8_setup.tmp

Filseclab Corporation

Publisher:
Filseclab Corporation  (signed and verified)

MD5:
ff6e80164384a5e177b907c435d6552e

SHA-1:
a0385727294a39992f7fef4a1bb796b4f180a675

SHA-256:
057a1429e2f5b85374552a776dc5fe9277970cb03c7111d1ec8abd8ae4af60ec

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 11:07:03 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM20.1.Malware.Gen
1.0.0.1077

File size:
695.7 KB (712,400 bytes)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\twister8_setup.tmp

Digital Signature
Signed by:
Filseclab Corporation

Authority:
VeriSign, Inc.

Valid from:
1/24/2013 1:00:00 AM

Valid to:
3/26/2015 12:59:59 AM

Subject:
CN=Filseclab Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Filseclab Corporation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0C042011198C46C2253EAA60D10F6C37

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:kh/arACiIrPe37lzH6A64EGYHuXsr5aER+gjrNAFR9FXsvy8dlXExocj:+/arRiIrPe37lzH6A604cs1aEcdFXGvW

Entry address:
0x97270

Entry point:
00, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 08, 00, 00, 00, 00, 00, 00, 08, 00, 00, 00, 10, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 44, 98, 42, 00, 00, 00, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 10, 00, 00, 00, 20, 00, 00, 00, 30, 00, 00, 00, 00, 00, 80, 00, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, 03, 00, 00, 00, 13, 00, 00, 00, 23, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
601.5 KB (615,936 bytes)

Scan twister8_setup.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.