home

vodafone-e140e12c-6b8d-11e4-9d16-22000a5a13d9.exe

F-Secure Common Client Foundation

F-Secure Corporation

Publisher:
F-Secure Corporation  (signed and verified)

Product:
F-Secure Common Client Foundation

Description:
F-Secure Download Tool

Version:
1.00.155.0

MD5:
9373ef3a0f6d8e9284786ba19f553203

SHA-1:
b5b359d8d829088db7ef710d5b1d5858748c460f

SHA-256:
bc665cc81b6f4e405e38fd07d9b4ce67eb51417f17c24dd34e1c321d91d45c8c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 4:30:58 AM UTC  (today)

File size:
383 KB (392,232 bytes)

Product version:
1.00.155.0

Copyright:
Copyright © 2013 F-Secure Corporation

Original file name:
stub_download.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vodafone-e140e12c-6b8d-11e4-9d16-22000a5a13d9.exe

Digital Signature
Signed by:
F-Secure Corporation

Authority:
GlobalSign nv-sa

Valid from:
8/27/2013 11:35:49 AM

Valid to:
8/27/2016 11:35:49 AM

Subject:
CN=F-Secure Corporation, O=F-Secure Corporation, L=Helsinki, C=FI

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11215C82A2BAAB2F01B7E6766BD948E624F6

File PE Metadata
Compilation timestamp:
9/24/2013 2:52:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:33vQF9QPYtDQ2ZrMR7oTybWokaHqutmKSNS7jGCu30JKCknv:332QArSSokMttmKSNSCnv

Entry address:
0x1A1B6

Entry point:
E8, 26, 57, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, C0, 3C, 44, 00, 75, 02, F3, C3, E9, A6, 57, 00, 00, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, E7, 39, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 3C, 04, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, C2, 39, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 5F, 58, 00, 00, 83, C4, 0C, 33, C0, 5F, 5E, 5D, C3, 51, C7, 01, 38, 6C, 43, 00, E8, AF, 5B, 00, 00...
 
[+]

Entropy:
6.0289

Code size:
204 KB (208,896 bytes)

The file vodafone-e140e12c-6b8d-11e4-9d16-22000a5a13d9.exe has been seen being distributed by the following URL.

http://download.f-secure.com/antibot/.../cleaning.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.