home

herdprotectscan_setup.exe

herdProtect Anti-Malware Scanner

Reason Company Software Inc.

Warning, this is an unsigned version of herdProtect and might be compromised. If you have this version on your PC please remove it and install a legitimate version from our website.
This is a setup and installation application. The file has been seen being downloaded from dl-web.dropbox.com and multiple other hosts.
Publisher:
Reason Company Software Inc.

Product:
herdProtect Anti-Malware Scanner

Version:
1.0.3.9

MD5:
7fb0a595b42813655a948821b5fb7566

SHA-1:
729df8e56e37f5347ecb2de77ba0ff3074b010e4

SHA-256:
3cbdf0b5a79dfb12a1bf30906a0903ea0cf316c94677bf863af9069bb27e79ee

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

False Positives:
A number of engines detected this file but were erroneous detections (false positives).

Analysis date:
12/26/2024 7:56:12 AM UTC  (today)

File size:
2.4 MB (2,515,504 bytes)

Product version:
1.0.3.9

Copyright:
Copyright Reason Company Software Inc.

Trademarks:
herdProtect is a Trademark of Reason Company Software Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
8/24/2001 8:30:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.55

CTPH (ssdeep):
49152:t51UxrOxRjdlmJ0KzAL6izxiSbFl/tdfngImVq9O4VdU16jfU4V:VU85dIJ0ulizjbb/jfgfcDzUW

Entry address:
0x11F0

Entry point:
55, 89, E5, 83, EC, 08, 83, C4, F4, 6A, 02, A1, C8, B2, 40, 00, FF, D0, E8, 79, FF, FF, FF, C9, C3, 00, 00, 00, 00, 00, 00, 00, 49, 01, 23, 32, 32, 32, 21, 45, 73, 62, 68, 70, 6F, 21, 77, 6A, 73, 76, 74, 2F, 21, 43, 70, 73, 6F, 21, 6A, 6F, 21, 62, 21, 75, 73, 70, 71, 6A, 64, 62, 6D, 21, 74, 78, 62, 6E, 71, 2F, 00, 5C, 00, 20, 00, 22, 00, 8D, 76, 00, 55, 89, E5, 8B, 4D, 08, 8B, 55, 0C, 31, C0, 39, D0, 73, 08, 00, 04, 08, 40, 39, D0, 72, F8, C9, C3, 8D, 76, 00, 55, 89, E5, 8B, 4D, 08, 8B, 55, 0C, 31, C0, 39...
 
[+]

Entropy:
7.9249

Packer / compiler:
Video-Lan-Client

Code size:
32.5 KB (33,280 bytes)

The file herdprotectscan_setup.exe has been seen being distributed by the following 16 URLs.

https://dl-web.dropbox.com/.../herdProtectScan_Setup.exe

http://113.171.224.177/.../herdProtectScan_Setup.exe

https://docs.google.com/uc?authuser=0&id=0BxYmhWpt2yJ8d1NKM09oa2hvVlE&export=download

http://www.tamindir.com/indir/MjAxNC0xMC0xMSAyMDoxMToxMQ==/herdprotect/.../1.0.3.2

http://herdprotect-anti-malware-scanner.software.informer.com/.../

http://www.downloadcrew.com/?act=software.download&id=33285&t=1412883953&c=1a74fd399a76f16bce2671cfa6604c77de009734

http://ok.ru/dk?cmd=logExternal&st.name=externalLinkRedirect&st.link=http://www.herdprotect.com/.../herdProtectScan_Setup.exe

http://www.odnoklassniki.ru/dk?cmd=logExternal&st.name=externalLinkRedirect&st.link=http://www.herdprotect.com/.../herdProtectScan_Setup.exe

http://www.jetelecharge.com/tel.php?id=7526

https://www.herdprotect.com/.../herdProtectScan_Setup.exe

https://herdprotect.com/.../herdProtectScan_Setup.exe

http://odnoklassniki.ru/dk?cmd=logExternal&st.name=externalLinkRedirect&st.link=http://www.herdprotect.com/.../herdProtectScan_Setup.exe

http://www.odnoklassniki.ru/dk?cmd=logExternal&st._aid=Discussions_Openlink&st.name=externalLinkRedirect&st.link=http://www.herdprotect.com/.../herdProtectScan_Setup.exe

http://www.herdprotect.com/.../herdProtectScan_Setup.exe

http://suggestor.pirrit.com/.../offers.php?r=0&d=aHR0cCUzQS8vd3d3LmhlcmRwcm90ZWN0LmNvbS9pbnN0YWxsZXJzL2hlcmRQcm90ZWN0U2Nhbl9TZXR1cC5leGU=&n=aGVyZFByb3RlY3RTY2FuX1NldHVwLmV4ZQ==

http://external.comss.ru/url.php?url=http://dl3.comss.ru/.../herdProtectScan_Setup.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.