home

envisioneer_10.exe

Envisioneer

Cadsoft Corporation

The application envisioneer_10.exe by Cadsoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Cadsoft Corp.  (signed by Cadsoft Corporation)

Product:
Envisioneer

Version:
10, 1, 0, 0

MD5:
feb0d98db8cda608e7422b742a3b4fd7

SHA-1:
f9bdaf22e3f4c3fcbc9b417abc52c9ae644566cd

SHA-256:
f609bc40362f8e5062adfb1cd03d1766145b702622cacdd78f6adc278f7167b5

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 8:32:18 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.CadsoftC (M)
16.4.19.0

File size:
3.5 MB (3,663,696 bytes)

Product version:
10, 1, 0, 0

Copyright:
Copyright 2014

Original file name:
Envisioneer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\cadsoft\envisioneer 10\bin\envisioneer_10.exe

Digital Signature
Signed by:
Cadsoft Corporation

Authority:
GlobalSign nv-sa

Valid from:
5/5/2014 3:35:29 PM

Valid to:
5/6/2015 3:35:29 PM

Subject:
E=support@cadsoft.com, CN=Cadsoft Corporation, O=Cadsoft Corporation, L=Guelph, S=ON, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F898285F1DA8CDA095A2273DBF12F1F1

File PE Metadata
Compilation timestamp:
2/6/2015 6:27:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
83.82

CTPH (ssdeep):
98304:LOwuyUa2v/b6BhnZcZ6cQU5rsG66QVAq5zIN+R8Ql:iw92nWBhpCqh0Ql

Entry address:
0x144000

Entry point:
60, E8, 00, 00, 00, 00, 5D, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB, 0F, B8, EB, 07, B9, EB, 0F, 90, EB, 08, FD, EB, 0B, F2, EB, F5, EB, F6, F2, EB, 08, FD, EB, E9, F3, EB, E4, FC, E9, 9D, 0F, C9, 8B, CA, F7, D1, 59, 58, 50, 51, 0F, CA, F7, D2, 9C, F7, D2, 0F, CA, EB, 0F, B9, EB...
 
[+]

Entropy:
7.2222

Packer / compiler:
ASPack v1.08.04

Code size:
808 KB (827,392 bytes)

Remove envisioneer_10.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.