envisioneer_10.exe

Envisioneer

Cadsoft Corporation

The application envisioneer_10.exe by Cadsoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
Cadsoft Corp.  (signed by Cadsoft Corporation)

Product:
Envisioneer

Version:
10, 1, 0, 0

MD5:
6456f8a36c2ae27c184053cc21fb8388

SHA-1:
0d965f32ad2820091544719e317f4e6ee085c1bc

SHA-256:
5d91eba44888c005c099ba314296238754ee455c71ddb292c49de8445cf2dc36

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/27/2024 6:31:41 AM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP.CadsoftCorporation (M) | 15.12.3.9

File size:
3.5 MB (3,659,600 bytes)

Product version:
10, 1, 0, 0

Copyright:
Copyright 2014

Original file name:
Envisioneer.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\data\offline\b7e5db08\b0a941e3\envisioneer_10.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
5/5/2014 8:35:29 AM

Valid to:
5/6/2015 8:35:29 AM

Subject:
E=support@cadsoft.com, CN=Cadsoft Corporation, O=Cadsoft Corporation, L=Guelph, S=ON, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F898285F1DA8CDA095A2273DBF12F1F1

File PE Metadata
Compilation timestamp:
2/6/2015 7:07:45 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
49152:pORts0PMwJbxiiTMeFH0FBefX7nCl8qvdGJg1RnpDtY6RKO11sWu5VtFq/L4:mPdjUS68qvPnpDtYPQT

Entry address:
0xFB3F4

Entry point:
48, 83, EC, 28, E8, EB, 98, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, C6, 41, 18, 00, 48, 85, D2, 75, 7F, E8, 59, 80, 00, 00, 48, 89, 43, 10, 48, 8B, 90, C0, 00, 00, 00, 48, 89, 13, 48, 8B, 88, B8, 00, 00, 00, 48, 89, 4B, 08, 48, 3B, 15, 71, 5B, 06, 00, 74, 16, 8B, 80, C8, 00, 00, 00, 85, 05, 33, 57, 06, 00, 75, 08, E8, 18, A5, 00, 00, 48, 89, 03, 48, 8B, 05, 22, 56, 06, 00, 48, 39, 43, 08, 74, 1B, 48, 8B, 43, 10, 8B, 88, C8, 00, 00, 00, 85, 0D, 0C, 57, 06, 00...
 
Entropy:
6.6432

Code size:
716 KB (733,184 bytes)
