home

windowsfirewall.exe

TestOut Corporation

Publisher:
TestOut Corporation  (signed and verified)

MD5:
6d9a495bcfc9b88f199dc4294c924c8f

SHA-1:
0fba37e86bd0dad036c981669f1ea84197c2a54e

SHA-256:
c8bd52a75817beb892ef6405edca86368a3ab078e2b3ba8572d3f167491060ae

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 9:39:59 AM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
Malware.Packer.PEW
v2015.05.16.12

Trend Micro House Call
PAK_Generic.005
7.2.136

Trend Micro
PAK_Generic.005
10.465.16

File size:
44.1 KB (45,184 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\testout\sims\ap06\programs\windowsfirewall.exe

Digital Signature
Signed by:
TestOut Corporation

Authority:
VeriSign, Inc.

Valid from:
10/25/2005 5:00:00 PM

Valid to:
11/17/2006 3:59:59 PM

Subject:
CN=TestOut Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TestOut Corporation, L=Pleasant Grove, S=Utah, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1455F8D23B90B984D3A7FB0C1F4DFD3E

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
768:vTpoBsEhHecAEMng0fwC/fxz7OEcnpsmKEaB/tFSXqSnApsL3qNb6xXuP:bIsEhXAEMnOMxzKdn6mnaVYqSnAuiUuP

Entry address:
0x29550

Entry point:
60, BE, 00, 30, 42, 00, 8D, BE, 00, E0, FD, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Entropy:
7.2432

Packer / compiler:
UPX 2.90LZMA

Code size:
28 KB (28,672 bytes)

Scan windowsfirewall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.