home

BandooUI.exe

Bandoo

Discordia Limited

The application BandooUI.exe, “Bandoo Coordinator UI” by Discordia Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Discordia Limited  (signed and verified)

Product:
Bandoo

Description:
Bandoo Coordinator UI

Version:
3.0.0.61649

MD5:
3a21bd528f0eec6d2c53fe6ebffc3ea3

SHA-1:
9c9b0375721f230b8e62f41131c3526e3eca923d

SHA-256:
8876ca9e3d12c233ca875c08340191185d01a9df359136407f7f5513f7c2e9a8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/15/2024 8:38:36 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Discordia (M)
17.1.22.13

File size:
1.3 MB (1,415,104 bytes)

Product version:
3.0

Copyright:
Copyright (c) 2008

Original file name:
BandooUI.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\bandoo\bandooui.exe

Digital Signature
Signed by:
Discordia Limited

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
6/23/2008 2:00:00 AM

Valid to:
7/13/2009 1:59:59 AM

Subject:
CN=Discordia Limited, OU=SECURE APPLICATION DEVELOPMENT, O=Discordia Limited, L=Limassol, S=Limassol, C=CY

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
2113A6EBA95488B382A19508D9249678

File PE Metadata
Compilation timestamp:
1/22/2009 1:14:06 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0xA3445

Entry point:
E8, 4A, D6, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 8B, FF, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, B3, 34, 4A, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, 69, 10, 02, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0, FD, 8B, 4D, 0C, 89, 41, 04, 64, 8B, 3D...
 
[+]

Code size:
1.1 MB (1,182,720 bytes)

Remove BandooUI.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.