» envisioneer_10.exe
Overview
Analysis
File Details

envisioneer_10.exe

Envisioneer

Cadsoft Corporation

The application envisioneer_10.exe by Cadsoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

envisioneer_10.exe

Publisher:

Cadsoft Corp. (signed by Cadsoft Corporation)

Product:

Envisioneer

Version:

10, 1, 0, 0

MD5:

978c719adc0a374e5688e87f8dbb5155

SHA-1:

3e744278bee04e6a1055b760a789b8d5477396f5

SHA-256:

0f49ab974ac15e9e0730687722e3d99f845955def97367347aaab7ef65a3ab9d

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/27/2024 6:27:55 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.12.13.12

File size:

3.5 MB (3,663,696 bytes)

Product version:

10, 1, 0, 0

Original file name:

Envisioneer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\cadsoft\envisioneer 10\bin\envisioneer_10.exe

Digital Signature

Signed by:

Cadsoft Corporation

Authority:

GlobalSign nv-sa

Valid from:

5/5/2014 8:35:29 AM

Valid to:

5/6/2015 8:35:29 AM

Subject:

E=support@cadsoft.com, CN=Cadsoft Corporation, O=Cadsoft Corporation, L=Guelph, S=ON, C=CA

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F898285F1DA8CDA095A2273DBF12F1F1

File PE Metadata

Compilation timestamp:

2/10/2015 9:59:32 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

83.82

Entry address:

0x144000

Entry point:

60, E8, 00, 00, 00, 00, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB... 
[+]

Entropy:

7.2219

Packer / compiler:

ASPack v1.08.04

Code size:

808 KB (827,392 bytes)

Remove envisioneer_10.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.