home

winflash64.exe

Phoenix Technologies Ltd.

Publisher:
Phoenix Technologies Ltd.  (signed and verified)

MD5:
7e561fd67e5c7ce9e60a2d4d1093ef8c

SHA-1:
97d9871f92ec7ffc1a157591a74251b7b1516f90

SHA-256:
29fde6c9ee604cca828cea27da0169aa4281c0d126e87dc290d336039be8bd94

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 5:40:43 PM UTC  (today)

File size:
342.3 KB (350,528 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\winflash64.exe

Digital Signature
Signed by:
Phoenix Technologies Ltd.

Authority:
VeriSign, Inc.

Valid from:
2/10/2012 1:00:00 AM

Valid to:
1/21/2015 12:59:59 AM

Subject:
CN=Phoenix Technologies Ltd., OU=CSS Core Features Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Phoenix Technologies Ltd., L=Milpitas, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
46E79B91EBEFA4D3229B32650E85D0FB

File PE Metadata
Compilation timestamp:
5/1/2014 6:28:14 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
2.20

CTPH (ssdeep):
6144:WZnk3dTcuW4IgRbdw2xPRJFWoG2SCWcg5sIp2lfixomPPPz7KWPT9FKGPtuD4WL8:WZnkZcIIgldw2xfO4lfi2mPPPzeWmGU0

Entry address:
0x1530

Entry point:
48, 83, EC, 28, C7, 05, 12, FB, 04, 00, 00, 00, 00, 00, E8, CD, CA, 03, 00, 48, 83, C4, 28, E9, 64, FC, FF, FF, EB, 02, 90, 90, 48, 83, EC, 28, C7, 05, F2, FA, 04, 00, 01, 00, 00, 00, E8, AD, CA, 03, 00, 48, 83, C4, 28, E9, 44, FC, FF, FF, EB, 02, 90, 90, 56, 53, 48, 89, CB, 48, 83, EC, 28, 48, 8B, 01, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 74, BE, 01, 00, 00, 00, 31, D2, B9, 08, 00, 00, 00, E8, B3, DA, 03, 00, 48, 83, F8, 01, 0F, 84, 29, 01, 00, 00, 48, 85, C0, 74, 37, B9, 08, 00, 00...
 
[+]

Entropy:
6.5233

Code size:
249.5 KB (255,488 bytes)

Scan winflash64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.