home

detect.exe

iMBC Co., Ltd.

Publisher:
iMBC  (signed by iMBC Co., Ltd.)

Version:
1.0.0.6

MD5:
7f7f6f03c16953b08ec9562c30d561f3

SHA-1:
c0d2da0498369e5e2e4330d2db9410cc279c87ae

SHA-256:
c0f11030f89211d8d71fc5bb85ffc13b93ad9998c0e26b5d7b40519ccf928341

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:26:01 PM UTC  (today)

File size:
903.1 KB (924,728 bytes)

Product version:
1.0.0.6

Copyright:
Copyright (C) 2015

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\bigfile\detect.exe

Digital Signature
Signed by:
iMBC Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/9/2015 9:00:00 AM

Valid to:
5/8/2016 8:59:59 AM

Subject:
CN="iMBC Co., Ltd.", O="iMBC Co., Ltd.", L=Mapo-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
039915414DA8527B33612D0FDFA9C974

File PE Metadata
Compilation timestamp:
11/24/2015 11:46:49 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:SL1wt75Ob5pm3JPdmcUgi4Ln4gina9Awtl7rtnw8GCk:SI0Npw1degHn4gimAgHw8o

Entry address:
0x488E2

Entry point:
E8, 7C, 05, 00, 00, E9, B3, FD, FF, FF, CC, CC, CC, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, CC, CC, CC, CC, CC, FF, 25, 60, 02, 4A, 00, FF, 25, 64, 02, 4A, 00, FF, 25, 68, 02, 4A, 00, FF, 25, 6C, 02, 4A, 00, FF, 25, 70, 02, 4A, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 30, 4F, 4C, 00, 33, C5, 50, FF, 75, FC, C7, 45...
 
[+]

Entropy:
6.5777

Code size:
632.5 KB (647,680 bytes)

The file detect.exe has been seen being distributed by the following 3 URLs.

http://patch1.pdpop.com/appx/.../detect.exe

http://setup.tple.co.kr/files/application/tple/new/.../detect.exe

http://patch.pdpop.com/appx/.../detect.exe

Scan detect.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.