home

konvertorfm.exe

Logipole

This is a setup program which is used to install the application. The file has been seen being downloaded from www.logipole.com.
Publisher:
Logipole  (signed and verified)

MD5:
185da089d74bdaac213639ec4c25451f

SHA-1:
e6f6e7a25f9f4b7b8388d6426d642ebf333ecf4f

SHA-256:
ffa2df2cc050bedbd946e74677ccfe20e2e3a1c84b6c27730bbe43b52f283aeb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:13:17 PM UTC  (today)

File size:
1 MB (1,083,408 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\konvertorfm.exe

Digital Signature
Signed by:
Logipole

Authority:
COMODO CA Limited

Valid from:
6/23/2015 8:00:00 PM

Valid to:
6/23/2017 7:59:59 PM

Subject:
CN=Logipole, O=Logipole, STREET=74 Allee de Lithuanie, L=Rennes, S=ille et vilaine, PostalCode=35200, C=FR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
75456C4B92AAAD95EFB97ECD50360952

File PE Metadata
Compilation timestamp:
9/11/2016 6:41:24 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:NzS+gidZo1CconA+1fbexGFLFG7lk+IiaCLFwU1O3ZE/TStJCDjii1D/bULt52R9:Nz6+iGHGp5LFtO36/cJ+jbb+taQvwP

Entry address:
0x2E1B3

Entry point:
E8, 92, EF, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 56, 8B, F1, 33, DB, 3B, F3, 75, 16, E8, 42, 20, 00, 00, 6A, 16, 5E, 89, 30, E8, B1, 77, 00, 00, 8B, C6, E9, B4, 00, 00, 00, 57, 39, 5D, 08, 77, 16, E8, 26, 20, 00, 00, 6A, 16, 5E, 89, 30, E8, 95, 77, 00, 00, 8B, C6, E9, 97, 00, 00, 00, 33, C9, 39, 5D, 10, 66, 89, 0E, 0F, 95, C1, 41, 39, 4D, 08, 77, 09, E8, FF, 1F, 00, 00, 6A, 22, EB, D7, 8B, 4D, 0C, 83, C1, FE, 83, F9, 22, 77, C5, 8B, CE, 39, 5D, 10, 74, 0E, 6A, 2D, 59, 33, DB, 66, 89, 0E, 43...
 
[+]

Code size:
706 KB (722,944 bytes)

The file konvertorfm.exe has been seen being distributed by the following URL.

http://www.logipole.com/download/konvertorfm/main/.../KonvertorFM.exe

Scan konvertorfm.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.