home

WomanCalendar.exe

Advanced Woman Calendar

SoftOrbits

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Advanced Woman Calendar’.
Publisher:
SoftOrbits  (signed and verified)

Product:
Advanced Woman Calendar

Version:
4, 0, 0, 0

MD5:
92db669fbd75e7f65dd52a721095c705

SHA-1:
ff1c159a010c759a33d6fe572cafdc3763ff8302

SHA-256:
91d843385dcf829ffc0cbc89de02e3fe120fec404f09f39e1b8bf8c6c331f914

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:47:12 AM UTC  (today)

File size:
3.3 MB (3,432,256 bytes)

Product version:
4, 0, 0, 0

Copyright:
Copyright (C) 2011

Original file name:
WomanCalendar.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\advanced woman calendar\womancalendar.exe

Digital Signature
Signed by:
SoftOrbits

Authority:
VeriSign, Inc.

Valid from:
1/13/2011 1:00:00 AM

Valid to:
1/16/2012 12:59:59 AM

Subject:
CN=SoftOrbits, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SoftOrbits, L=Smolensk, S=Smolenskaya, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
50391746C878885C965A967436E5649B

File PE Metadata
Compilation timestamp:
11/1/2011 10:05:45 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:Tk3NQR8tuTOu/FHWNV5CwZnkaFpBbtUinYASVENLDPdLviR6J4UwrrwGUHdUf7T7:TEwJE9ZnRvalASsiRCOrECf7TYXsJ

Entry address:
0x497544

Entry point:
E9, 09, 64, 30, 00, 9C, B0, 10, E8, 18, 1D, 2B, 00, 75, 73, 65, 72, 33, 32, 2E, 64, 6C, 6C, 00, 63, 45, 63, 87, 02, 76, 73, BA, 6C, 94, DD, B4, 09, FC, 88, 35, 94, E1, D5, 5C, C7, 4D, FA, 5D, D2, 79, 1C, 5B, 88, 02, 76, 5E, B9, 72, E5, 3A, 68, 3C, 06, F4, 4B, 83, 59, 31, 8B, A4, 71, 7B, F0, 81, 6A, D6, CE, EC, F6, 51, 0A, 7F, 10, 60, A1, 00, 5B, 14, 61, 29, 56, 07, 88, 02, 76, 93, 02, A6, 51, 2A, 97, F3, E5, 62, 38, 85, DA, CB, 5B, B1, FE, F2, 91, 69, EC, 36, 28, 85, 8B, 9A, 87, 02, 76, F6, 4C, 99, D0, 1D...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
567 KB (580,608 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Advanced Woman Calendar

Command:
"C:\Program Files\advanced woman calendar\womancalendar.exe" -m


Scan WomanCalendar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.