home

envisioneer_10.exe

Envisioneer

Cadsoft Corporation

The application envisioneer_10.exe by Cadsoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Cadsoft Corp.  (signed by Cadsoft Corporation)

Product:
Envisioneer

Version:
7, 2, 0, 0

MD5:
ae1f2c238cd73aa91a7162c701b437fd

SHA-1:
05e61eb97ffc21a58735372171a0825b98a015d2

SHA-256:
860fd2d4bd09687d17c842e553e6e54056dcdab0f0ee759b6b552f1e5dab9b99

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/27/2024 6:34:05 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.CadsoftCorporation (M)
16.1.31.11

File size:
3.5 MB (3,663,696 bytes)

Product version:
7, 2, 0, 0

Copyright:
Copyright 2011

Original file name:
Envisioneer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\cadsoft\envisioneer 10\bin\envisioneer_10.exe

Digital Signature
Signed by:
Cadsoft Corporation

Authority:
GlobalSign nv-sa

Valid from:
5/5/2014 5:35:29 AM

Valid to:
5/6/2015 5:35:29 AM

Subject:
E=support@cadsoft.com, CN=Cadsoft Corporation, O=Cadsoft Corporation, L=Guelph, S=ON, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F898285F1DA8CDA095A2273DBF12F1F1

File PE Metadata
Compilation timestamp:
7/16/2014 9:20:25 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
98304:wOwuyUa2v/EEJJ1ihW6cQU5rsG66QVAq5zG3faLA:Hw92nHJJoCqhG3yLA

Entry address:
0x144000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB...
 
[+]

Entropy:
7.2218

Packer / compiler:
ASPack v1.08.04

Code size:
808 KB (827,392 bytes)

Remove envisioneer_10.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.