home

bid.exe

Antibody Software Limited

Publisher:
Antibody Software  (signed by Antibody Software Limited)

Description:
Bulk Image Downloader

Version:
4.68.0.0

MD5:
e574b569767bd8f8d4d4c79e6342bd56

SHA-1:
a5009c441b6689fa293a3c379fa963029fb8d1bc

SHA-256:
59426af6778d0e5a74d7dbcfee86cbb14014345c67eda1265f9a74cd00f4fd78

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/5/2024 6:43:10 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoB
1.3.0.6979

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.16503

Trend Micro House Call
Possible_Virus
7.2.126

Trend Micro
Possible_Virus
10.465.05

File size:
1.9 MB (1,986,200 bytes)

Product version:
4.68

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\bid.exe

Digital Signature
Signed by:
Antibody Software Limited

Authority:
COMODO CA Limited

Valid from:
10/26/2011 2:00:00 AM

Valid to:
10/26/2014 1:59:59 AM

Subject:
CN=Antibody Software Limited, O=Antibody Software Limited, STREET=144 Doncaster Drive, STREET=Papamoa Beach, L=Tauranga, S=Bay of Plenty, PostalCode=3118, C=NZ

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D39D410A3C118AE7EC2FE1A059AD66D9

File PE Metadata
Compilation timestamp:
3/21/2014 2:33:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:TISSpP0Pm7SbS+5FuwcVjdkBwbCbpK5tK86C5:cSSum7SbSYcwBYCbpK5tv

Entry address:
0x47C000

Entry point:
EB, 05, 2D, 41, 06, BB, 3C, 50, EB, 04, 94, C5, 53, AC, E8, 15, 00, 00, 00, EB, 01, 51, EB, 01, DC, 33, C0, EB, 04, E2, 7E, D8, 45, 71, 62, EB, 03, 7F, 74, 6D, EB, 03, 28, 79, 1C, B8, 39, 48, 9A, F6, EB, 03, D1, 64, 3E, EB, 03, FE, CD, 3F, 05, C7, B7, 65, 09, EB, 03, 1F, 1E, 1B, 75, 3D, EB, 01, 2F, 64, FF, 30, EB, 01, EA, 64, 89, 20, EB, 03, 71, 34, 1F, EB, 05, BE, 4F, F5, 25, 6F, 8B, 10, EB, 02, D6, 43, 64, 8F, 00, EB, 05, F9, D5, 3E, BD, 05, 83, C4, 04, EB, 05, 05, E5, 6D, 44, 21, 58, EB, 02, 2C, FA, C3...
 
[+]

Code size:
3 MB (3,107,840 bytes)

Scan bid.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.