home

ietabhelper.exe

ietabhelper.exe

Blackfish Software

Publisher:
Blackfish Software  (signed and verified)

Product:
ietabhelper.exe

Description:
IE Tab Helper application

Version:
9, 11, 21, 1

MD5:
e8ef1477b7f57b750433d5a67e3df9f9

SHA-1:
df9916c3ca3b6bccc09115da1a455ebdf30face7

SHA-256:
9b935db5d2b07ddcba81d6fd3a9efbe69629b002bf109ae96161ed269df857b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 10:00:16 AM UTC  (today)

File size:
821.9 KB (841,608 bytes)

Product version:
9, 11, 21, 1

Copyright:
Copyright © 2014 Blackfish Software

Original file name:
helper.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\ie tab\9.11.21.1\ietabhelper.exe

Digital Signature
Signed by:
Blackfish Software

Authority:
GoDaddy.com, Inc.

Valid from:
3/24/2015 11:55:40 PM

Valid to:
4/19/2017 6:26:21 AM

Subject:
CN=Blackfish Software, O=Blackfish Software, L=Redmond, S=Washington, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00AF78B0B4986BBDAF

File PE Metadata
Compilation timestamp:
11/22/2016 6:31:43 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:0gL2ZzAF0qSfik8jNaeAE+7IUtNwqrPK9Hv4WN3MJBGIpjwQiLXcG:0PZzAF0qDVA/TPK9TxMJB5mQCcG

Entry address:
0x5A7CF

Entry point:
E8, 46, CB, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, F4, 5A, 47, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 24, 51, 47, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63...
 
[+]

Entropy:
5.7579

Code size:
464 KB (475,136 bytes)

The file ietabhelper.exe has been seen being distributed by the following 2 URLs.

chrome-extension://hehijbfgiekmjfkfjpbkbammjbdenadd/ietabhelper.exe

chrome-extension://hehijbfgiekmjfkfjpbkbammjbdenadd/ietabhelper.dat

Scan ietabhelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.