» CopernicAgent.exe
Overview
Analysis
File Details
Behaviors (1)

CopernicAgent.exe

Copernic Agent Basic

Copernic Technologies Inc.

The executable CopernicAgent.exe has been detected as malware by 13 anti-virus scanners.

File name:

CopernicAgent.exe

Publisher:

Copernic Technologies Inc. (signed and verified)

Product:

Copernic Agent Basic

Description:

Copernic Agent

Version:

6.1.2.0

MD5:

eada4eb6df16e026d82a6998c3bc5bc8

SHA-1:

09ebc46f4450e1b198198ee0bdf09608813d57b2

SHA-256:

9a10c06b9eaedb31b50b4b140f863f4360c0514536d608d66bb7f3c3dfbee56e

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

11/12/2024 7:31:43 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Mabezat [Wrm]

160326-0

AVG

Win32/Mabezat

2015.0.4355

Dr.Web

Win32.HLLW.Tazebama

9.0.1.05190

Emsisoft Anti-Malware

Win32.Worm.Mabezat.Gen

11.5.0.6191

ESET NOD32

Win32/Mabezat.A virus

7.0.302.0

F-Prot

W32/Mabezat.A-1

4.6.5.141

F-Secure

Win32.Worm.Mabezat.Gen

5.15.96

Kaspersky

Worm.Win32.Mabezat

15.0.0.562

McAfee

Virus.W32/Mabezat.a

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.217.2433.0

Norman

Win32.Worm.Mabezat.Gen

10.04.2016 15:29:17

Sophos

Virus 'W32/Mabezat-B'

5.23

VIPRE Antivirus

Threat.303962

48690

File size:

4.3 MB (4,490,567 bytes)

Product version:

AGENTBASIC 6.12 ENG

Original file name:

CopernicAgent.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\copernic agent\copernicagent.exe

Digital Signature

Signed by:

Copernic Technologies Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

1/8/2004 8:30:03 PM

Valid to:

2/3/2005 1:02:06 PM

Subject:

CN=Copernic Technologies Inc., OU=Secure Application Development, O=Copernic Technologies Inc., L=Sainte-Foy, S=Quebec, C=CA

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

1F6FF8

File PE Metadata

Compilation timestamp:

6/19/1992 10:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:G/TSToeLKtTSghHUeJOHDL9NvxQejQYYLNbwtw:G7Aoemte80eJOHDLSeGNbwu

Entry address:

0x31B90C

Entry point:

BB, 04, B2, 71, 00, FF, E3, 00, 9E, 71, 00, E8, 5C, BD, CE, FF, E8, D3, BD, CE, FF, B2, 01, A1, A4, 19, 6E, 00, E8, 5B, 63, FC, FF, 8B, 15, 54, 30, 72, 00, 89, 02, A1, CC, 66, 53, 00, E8, A1, AF, E1, FF, 8B, 15, 54, 30, 72, 00, 8B, 12, B9, 6C, B9, 71, 00, E8, C3, AF, E1, FF, A1, 54, 30, 72, 00, 8B, 00, E8, E3, BB, E1, FF, E8, DA, 94, CE, FF, 00, 00, FF, FF, FF, FF, 18, 00, 00, 00, 53, 4F, 46, 54, 57, 41, 52, 45, 5C, 43, 6F, 70, 65, 72, 6E, 69, 63, 5C, 41, 67, 65, 6E, 74, 5C, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

3.1 MB (3,254,784 bytes)

Internet Explorer Extension

Name:

{193B17B0-7C9F-4D5B-AEAB-8D3605EFC084}

Remove CopernicAgent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.