» netbranch.exe
Overview
Analysis
File Details
Downloads (1)

netbranch.exe

Ellie Mae Inc

File name:

netbranch.exe

Publisher:

Ellie Mae (signed by Ellie Mae Inc)

Description:

Encompass360 NetBranch Installation Manage

Version:

6.2.0

MD5:

7f98ba33b537f2cf03012ca7388fc5e4

SHA-1:

130343d12cd93a1a81a74dca327ac1df6e458372

SHA-256:

af00c58a1dcdfdf865f66d53e7a6fa50c65bd9fa4eec00a213299a990e290f2c

Scanner detections:

2 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

1/5/2025 7:50:14 PM UTC (today)

Scan engine

Detection

Engine version

Norman

W32/Downloader

11.20160413

Quick Heal

Trojan.Agent.ATV

4.16.10.00

File size:

61.9 KB (63,376 bytes)

Ellie Mae

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\netbranch.exe

Digital Signature

Signed by:

Ellie Mae Inc

Authority:

VeriSign, Inc.

Valid from:

3/10/2008 5:00:00 PM

Valid to:

3/1/2010 4:59:59 PM

Subject:

CN=Ellie Mae Inc, OU=Datacenter Operations, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Ellie Mae Inc, L=Dublin, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

17C5C69D435C6EFD7FA4F6590FC6AEC4

File PE Metadata

Compilation timestamp:

11/13/2006 11:32:07 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

768:Kn3jboZr1JV6E0sv9/tIKd9N5paTGuc6JbmwFIgFq1LSbF:KnIfJcE0K/jda/JlzcuF

Entry address:

0x4197

Entry point:

55, 8D, 6C, 24, 88, 81, EC, 7C, 0F, 00, 00, 53, 56, 57, 33, FF, 68, 00, 01, 00, 00, 57, 89, 7D, 14, 89, 7D, FC, 89, 7D, F4, FF, 15, F8, 70, 40, 00, 6A, 04, 89, 45, 70, FF, 15, 24, 71, 40, 00, 89, 7D, 00, 89, 7D, F8, 89, 7D, 18, 89, 7D, F0, 89, 7D, 0C, 89, 7D, 04, 89, 7D, 08, 89, 7D, 40, 89, 7D, 1C, 89, 7D, 24, 89, 7D, 20, FF, 15, B8, 70, 40, 00, 8B, F0, 8A, 06, 3C, 22, 89, 75, 50, 75, 24, EB, 04, 3C, 22, 74, 0E, 46, 8A, 06, 84, C0, 89, 75, 50, 75, F2, 3C, 22, 75, 14, 46, 89, 75, 50, EB, 0E, 3C, 20, 74, 0F... 
[+]

Entropy:

5.8404

Code size:

24 KB (24,576 bytes)

The file netbranch.exe has been seen being distributed by the following URL.

http://download.elliemae.com/encompass/install/.../netbranch.exe

Scan netbranch.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.