home

x1_pro_client_dotnet_4054eu.exe

X1 Technologies, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from cdn.avangate.com and multiple other hosts.
Publisher:
X1 Technologies, Inc.  (signed and verified)

Description:
X1 Professional Client

Version:
6.7

MD5:
5410ab0c0cbdd70531a809d439e7a9d9

SHA-1:
249e051a36014efee7962b2142f93ded336be9f7

SHA-256:
baed43120c340644449f5e6f726219a196ece87e0583798a57799446e17b694a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 11:05:52 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Variant.Graftor.Elzob.6247
8.14.03.19.08

File size:
20.5 MB (21,508,760 bytes)

Copyright:
X1 Technologies, Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\x1 updater\xds\x1_pro_client_dotnet_4054eu.exe

Digital Signature
Signed by:
X1 Technologies, Inc.

Authority:
Thawte, Inc.

Valid from:
6/10/2011 10:00:00 AM

Valid to:
8/30/2013 9:59:59 AM

Subject:
CN="X1 Technologies, Inc.", OU=SECURE APPLICATION DEVELOPMENT, O="X1 Technologies, Inc.", L=Pasadena, S=California, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
11D6D258839910260671DE742D691356

File PE Metadata
Compilation timestamp:
3/10/2010 11:21:53 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:i8OruNf8qqI+NJPU8BgtEMLowGiU9Z/DlyefDlgDG4WOoa:aaNfqJJ88BpMLShDQeZgyKJ

Entry address:
0x7A23

Entry point:
E8, 54, 19, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, 8A, 1C, 00, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, 5D, E9, DF, FF, FF, FF, 3B, 0D, 58, 50, 41, 00, 75, 02, F3, C3, E9, 96, 1C, 00, 00, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 00, 01, 00, 00, 72, 0E, 83, 3D, 20, 7D, 42, 00, 00, 74, 05, E9, C4, 1D, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83...
 
[+]

Entropy:
7.9231  (probably packed)

Code size:
61 KB (62,464 bytes)

The file x1_pro_client_dotnet_4054eu.exe has been seen being distributed by the following 3 URLs.

http://cdn.avangate.com/cdn/2f73168bf3656f697507752ec592c437/.../x1_pro_client_dotNet_4054eu.exe

http://files.downloadnow.com/s/software/13/66/04/.../x1_pro_client_dotNet_4054eu.exe

http://support.x1.com/.../x1_pro_client_dotNet_4054eu.exe

Scan x1_pro_client_dotnet_4054eu.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.