home

shareconnect_installer.exe

ShareConnect

Citrix Online

This is a setup and installation application. The file has been seen being downloaded from www.shareconnect.com.
Publisher:
Citrix, a division of Citrix Systems, Inc.  (signed by Citrix Online)

Product:
ShareConnect

Description:
ShareConnect" Installer

Version:
1.4 Build 1771

MD5:
1ffccfca059c0b3557cefe0237011392

SHA-1:
ee804592af525fd2b0f599561fa10616f319b2d0

SHA-256:
08236e801b0dce6958b9b859a8ccf46dd6701dca45a49d25f3c13d3b2fb5e89d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:33:37 PM UTC  (today)

File size:
13 MB (13,653,600 bytes)

Product version:
1.4 Build 1771

Copyright:
© 2000-2012 Citrix, a division of Citrix Systems, Inc. All rights reserved.

Original file name:
goSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\shareconnect_installer.exe

Digital Signature
Signed by:
Citrix Online

Authority:
VeriSign, Inc.

Valid from:
3/18/2014 8:00:00 PM

Valid to:
5/8/2015 7:59:59 PM

Subject:
CN=Citrix Online, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Operations, O=Citrix Online, L=Fort Lauderdale, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3E228A34D17F29234AAB15FCA8D23D7A

File PE Metadata
Compilation timestamp:
11/27/2014 1:05:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:7/h+Mk2d70T06vbSYeL3z4mqm2y+xtWnmE7I30uzmkUR1hsFnI07HhF4BXMbFmB2:YMX70I4bOD4maPxymkuaRQFnq5IlzBn

Entry address:
0x2CB0B

Entry point:
E8, 50, A2, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 66, 8B, 55, 0C, EB, 07, 66, 3B, CA, 74, 11, 40, 40, 0F, B7, 08, 66, 85, C9, 75, F1, 66, 39, 10, 74, 02, 33, C0, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 0C, 75, 1D, E8, B7, 10, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 5D, DD, FF, FF, 83, C4, 14, 83, C8, FF, EB, 68, 8B, 45, 08, 3B, C3, 74, DC, 56, 89, 45, E8, 89, 45, E0, 8D, 45, 10, 50, 53, FF, 75, 0C, 8D, 45, E0, 50, C7, 45, EC, 42, 00, 00, 00, C7, 45...
 
[+]

Entropy:
7.9757  (probably packed)

Code size:
242 KB (247,808 bytes)

The file shareconnect_installer.exe has been seen being distributed by the following URL.

https://www.shareconnect.com/downloadSetup?productId=1&linkkey=1681301614693426468803835819739376753341418001129768

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.