home

e2b738df-38ad-bacb-7d77-410de053cd89_1d1cee8101027eb

INTIS

The file e2b738df-38ad-bacb-7d77-410de053cd89_1d1cee8101027eb by INTIS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
INTIS  (signed and verified)

MD5:
7cbdcb133a45da6018be02bb6170da21

SHA-1:
b3ed869a97fa31528b546a8f01c8959c0d8a21d8

SHA-256:
ecaf3676cab67c2f82164bbbb65db51b9cc7e233aa859eb590dfdd0fe386f4ec

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 1:53:09 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.FileTour (M)
17.3.12.4

File size:
2.1 MB (2,235,848 bytes)

Common path:
C:\ProgramData\microsoft\windows defender\scans\filesstash\e2b738df-38ad-bacb-7d77-410de053cd89_1d1cee8101027eb

Digital Signature
Signed by:
INTIS

Authority:
COMODO CA Limited

Valid from:
4/16/2016 6:00:00 AM

Valid to:
4/17/2017 5:59:59 AM

Subject:
CN=INTIS, O=INTIS, STREET="Prospekt 40-letija Pobedy, 69, 1, 8", L=Rostov-Na-Donu, S=RU, PostalCode=344072, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E0D42565A341BEBE1BAFBF6CA79F6420

File PE Metadata
Compilation timestamp:
11/9/1987 10:16:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

Entry address:
0x205001

Entry point:
E9, F1, 03, 00, 00, EC, FF, E0, E9, 84, 18, 00, 00, BA, 6C, 2D, BF, D8, D8, FF, 68, 02, 53, 60, 00, C3, 77, 16, 85, 0F, BA, E8, B2, 68, 41, 07, B0, A3, 9C, 81, 44, 24, 04, 88, 5A, B0, 5C, 9D, C3, FA, 53, F5, 3F, 68, 2D, 63, 60, 00, 9C, FF, 4C, 24, 04, 9D, C3, 74, 14, 68, 3A, E5, 86, 55, 9C, 81, 6C, 24, 04, FE, 8D, 26, 55, 9D, C3, 90, E9, 84, 0E, 00, 00, CC, D5, E9, 83, 11, 00, 00, FF, 77, 81, E9, A1, 18, 48, FF, 68, A2, B0, 11, 25, 9C, 81, 6C, 24, 04, A6, 5A, B1, 24, 9D, C3, 38, 1D, CB, B9, B5, 0F, 89, FF...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
2 MB (2,079,744 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.