igsviewersetup.exe

IGS Viewer

IdeaMK

The application igsviewersetup.exe, “IGS Viewer Setup”, has been detected as a potentially unwanted program by 3 anti-malware scanners. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. It will display context-specific advertisements in the browser and attempt to modify the browser's search provider. The file has been seen being downloaded from igsviewer.com.
Publisher:
IdeaMK

Product:
IGS Viewer

Description:
IGS Viewer Setup

MD5:
9bd4f7ec6fb2d45d91b7f75372b10818

SHA-1:
deac30b91f2430aa6b94e98bad180c45295aa08c

SHA-256:
f0d7d38fbb1b7ae3df92cff659df82d46431a4611cf9344d3d07302abc19bab4

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
The installer may include an offer for the Babylon Toolbar (a homepage/search hijacker), which is potentially installed with minimal user consent.

Analysis date:
1/4/2025 10:18:43 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Dr.Web | Adware.Downware.23 | 9.0.1.0153 |
| Emsisoft Anti-Malware | Riskware.Win32.Toolbar.Babylon.AMN | 8.14.06.02.11 |
| ESET NOD32 | Win32/Toolbar.Babylon | 8.8386 |

File size:
13 MB (13,583,896 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:PGmhLMUf49e7PwflG23kEzPNMOTc0ON0Y5VN0GQNEeXRCThuakZIyPly:DLVAM0Nv7ZTc0OaIGNEehraaIyPE

Entry address:
0x9B24

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, A2, 95, FF, FF, E8, A9, A7, FF, FF, E8, D4, C9, FF, FF, E8, 1B, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, DB, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 04, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 53, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
Entropy:
7.9998

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file igsviewersetup.exe has been seen being distributed by the following URL.
