home

91419207.exe

MiniTool Solution Ltd

The application 91419207.exe by MiniTool Solution has been detected as a potentially unwanted program by 17 anti-malware scanners.
Publisher:
CircleIce  (signed by MiniTool Solution Ltd)

Product:
CircleIce

Version:
3.03.0006

MD5:
ad33548c92ea79140ac3c0538873378c

SHA-1:
3c4e33437bc6283215422203bf3eb2d1f96d3e95

SHA-256:
34b9937fdceb8c441a19d99af18b58259776e98991dc5d3303ca3c32c8052029

Scanner detections:
17 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 10:31:50 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Boaxxe
7.1.1

AhnLab V3 Security
Trojan/Win32.VB
2015.10.20

Avira AntiVirus
TR/Nemucod.lspsa
8.3.2.2

avast!
Win32:Malware-gen
2014.9-170210

AVG
Atros2
2018.0.2472

Dr.Web
Trojan.Siggen6.23087
9.0.1.041

ESET NOD32
Win32/Boaxxe.BR
11.12433

Fortinet FortiGate
W32/Boaxxe.BR!tr
2/10/2017

G Data
Win32.Trojan.Agent.QKD0BQ
17.2.25

K7 AntiVirus
Unwanted-Program
13.211.17582

Malwarebytes
Trojan.MalPack.VB
v2017.02.10.09

Microsoft Security Essentials
Trojan:Win32/Miuref.F
1.1.12101.0

NANO AntiVirus
Trojan.Win32.Siggen6.dxyfrx
0.30.26.3947

Panda Antivirus
Trj/Genetic.gen
17.02.10.09

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Sophos
Mal/Generic-S
4.98

VIPRE Antivirus
Trojan.Win32.Generic
44670

File size:
189.9 KB (194,432 bytes)

Product version:
3.03.0006

Original file name:
CircleIce.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\91419207.exe

Digital Signature
Signed by:
MiniTool Solution Ltd

Authority:
GlobalSign nv-sa

Valid from:
6/18/2014 3:37:34 AM

Valid to:
5/22/2015 5:18:09 PM

Subject:
E=support@minitool.ca, CN=MiniTool Solution Ltd, O=MiniTool Solution Ltd, L=SURREY, S=British Columbia, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F8BF2CF882C25FC42376AB9A749FD25F

File PE Metadata
Compilation timestamp:
2/5/2016 6:47:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1294

Entry point:
68, 04, FD, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 75, 49, 9A, EC, 89, 16, 7D, 48, 9C, 36, 9C, 72, 82, FE, A8, 22, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, CE, 02, A7, 00, 00, 00, 50, 72, 65, 69, 73, 61, 6E, 74, 72, E4, 67, 65, 6E, 37, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 01, 66, 8B, BA, 1D, 33, E4, FD, 42, A8, 53, F2, 3A, 78, D3, D6, 47, 78, D5, ED, ED, CF, 6C, EB, 44, B4, 89, 79, 43, 85, 52, BB, 12, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
6.7183

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
168 KB (172,032 bytes)

Remove 91419207.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.