home

searchtool.exe

Equipment Search Tool

This is a setup program which is used to install the application. The file has been seen being downloaded from foscam.es and multiple other hosts.
Product:
Equipment Search Tool

Description:
IPCamera MFC Application

Version:
1.0.0.5

MD5:
5fddf6939e409e09cb4f808bbee138d5

SHA-1:
2afb66758dd82d75f2b9b42458eac27e513d057c

SHA-256:
284b43ef2d41bf44b6a2043a609d6503c3b88fa4a604cdc322ef9126feca9e35

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:08:16 AM UTC  (today)

File size:
2.9 MB (3,079,168 bytes)

Product version:
1.0.0.5

Copyright:
Copyright (C) 2006

Original file name:
IPCamera.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
6/17/2015 8:53:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:aiV8m94SNFCTc3pQkV2RieqQgqMdwrq20nF16KgnfvcXvrw+YBsKiSLoCFcgmz06:Sm9/CTc3+kWieBgqMdwrq20nF16KkcXf

Entry address:
0x1C00F4

Entry point:
E8, ED, C8, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, FF, 75, 08, 51, E8, E5, C9, 00, 00, 59, 59, 5D, C2, 04, 00, 8B, FF, 51, C7, 01, 00, 30, 68, 00, E8, 61, C9, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 3C, 1E, E6, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, FF, 75, 08, 51, E8, 35, CB, 00, 00, 59, 59, 5D, C2, 04, 00, 8B, FF, 51, E8, 84, CA, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, 1A, 2B...
 
[+]

Code size:
2.3 MB (2,385,920 bytes)

The file searchtool.exe has been seen being distributed by the following 2 URLs.

http://foscam.es/.../SearchTool.exe

http://www.foscam.es/.../SearchTool.exe

Scan searchtool.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.