inbox3.exe

Inbox3

Xacti

The application inbox3.exe by Xacti has been detected as a potentially unwanted program by 7 anti-malware scanners. This file is typically installed with the program Inbox3 by Inbox.com, Inc.. While running, it connects to the Internet address waws-prod-blu-007.cloudapp.net on port 80 using the HTTP protocol.
Publisher:
Inbox.com, Inc.  (signed by Xacti)

Product:
Inbox3

Version:
1.0.0.16

MD5:
2f7c16dcfcba022d64b22980bc43a8d6

SHA-1:
fe99cd3cf9700cbd2e985690cca3a11a96bc37de

SHA-256:
39dac0f31d71eda75521c09d1edb66115a8b6e49a18ed60a6a03e956ea6e3dc7

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 12:05:52 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.Crawler
4.0.3.15726

Bkav FE
W32.HfsAdware
1.3.0.6379

Kaspersky
not-a-virus:WebToolbar.Win32.MusIn
14.0.0.1675

Panda Antivirus
Generic Suspicious
15.07.26.09

Qihoo 360 Security
Win32/Virus.WebToolbar.84e
1.0.0.1015

Reason Heuristics
Win32.Generic.Xacti.Meta
15.7.26.21

Trend Micro House Call
Suspicious_GEN.F47V0413
7.2.207

File size:
3.2 MB (3,319,232 bytes)

Product version:
1.0.0.0

Copyright:
© Inbox.com, Inc.

Original file name:
Inbox3.exe.ProductName

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\inbox3\inbox3.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
8/28/2013 5:00:00 PM

Valid to:
9/18/2015 4:59:59 PM

Subject:
CN=Xacti, O=Xacti, L=Boca Raton, S=Florida, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
723180E2A807DDA0F77264108931DA53

File PE Metadata
Compilation timestamp:
3/31/2015 5:56:05 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:99qnFTq1TG1rwSkr62OJbzSid4vKGtPhCtvy6quH+gTHBqeXS3yywFAJh:621Qbzt4vKGtPYAuHd+Cyks

Entry address:
0x280820

Entry point:
55, 8B, EC, 83, C4, F0, B8, 80, 4B, 67, 00, E8, 8C, AC, D8, FF, E8, 1B, 3B, FF, FF, E8, 76, 66, D8, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5874

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 MB (2,616,320 bytes)

The file inbox3.exe has been discovered within the following program.

Inbox3  by Inbox.com, Inc.
www.inbox.com
35% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to xx-fbcdn-shv-01-frt3.fbcdn.net  (31.13.92.14:443)

TCP (HTTP):
Connects to waws-prod-blu-007.cloudapp.net  (23.96.32.128:80)

TCP (HTTP SSL):
Connects to edge-z-m-mini-shv-01-fra3.facebook.com  (31.13.93.37:443)

TCP (HTTP):
Connects to edge-star-mini-shv-01-frt3.facebook.com  (31.13.92.36:80)

Remove inbox3.exe - Powered by Reason Core Security