home

{blocked}.exe

Brain Freeze Software

This is a self-extracting archive and installer. The file has been seen being downloaded from www.islipsforquickbooks.com.
Publisher:
Brain Freeze Software

Description:
iSlips For QuickBooks Sync Setup

Version:
2.0.2.0

MD5:
d49fb2cd4dd628ee7bde28a308bf9060

SHA-1:
bdc5822360fa18578c0c67b5191a812c0fc50e59

SHA-256:
6b627edb10e1fe016177870d855b2a8b8552e2a66b2f9ed3f182f3ffab953bae

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/1/2025 6:43:18 PM UTC  (today)

File size:
16 MB (16,735,875 bytes)

Product version:
2.0.2.0

Copyright:
© Brain Freeze Software, 2014

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\islips_for_quickbooks_sync_setup.exe

File PE Metadata
Compilation timestamp:
10/2/2010 2:32:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:ACgH9hxfjpGiC24rc+rxQmzfp6PiJ/nUf6Q/raIBjEY:WlGT2+Qm7USaa+jX

Entry address:
0x1926

Entry point:
E8, 7D, 04, 00, 00, E9, 37, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 31, 40, 00, 89, 0D, 3C, 31, 40, 00, 89, 15, 38, 31, 40, 00, 89, 1D, 34, 31, 40, 00, 89, 35, 30, 31, 40, 00, 89, 3D, 2C, 31, 40, 00, 66, 8C, 15, 58, 31, 40, 00, 66, 8C, 0D, 4C, 31, 40, 00, 66, 8C, 1D, 28, 31, 40, 00, 66, 8C, 05, 24, 31, 40, 00, 66, 8C, 25, 20, 31, 40, 00, 66, 8C, 2D, 1C, 31, 40, 00, 9C, 8F, 05, 50, 31, 40, 00, 8B, 45, 00, A3, 44, 31, 40, 00, 8B, 45, 04, A3, 48, 31, 40, 00, 8D, 45, 08, A3, 54, 31, 40...
 
[+]

Entropy:
7.9510  (probably packed)

Code size:
4 KB (4,096 bytes)

The file {blocked}.exe has been seen being distributed by the following URL.

http://www.islipsforquickbooks.com/iSlips_For_QuickBooks_Sync_Setup.exe

Scan {blocked}.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.