» {2c121be0-9409-4d97-b5e4-7fd5c473c2da}
Overview
Analysis
File Details

{2c121be0-9409-4d97-b5e4-7fd5c473c2da}

iDatix Corporation

The file {2c121be0-9409-4d97-b5e4-7fd5c473c2da} by iDatix has been detected as a potentially unwanted program by 25 anti-malware scanners.

File name:

Publisher:

iDatix Corporation (signed and verified)

MD5:

244814902c390994267774a3dadf2a97

SHA-1:

9880952208396b75deaccedaa8069a717022a54c

SHA-256:

d117d2f2227198ebad7c14e5cb06151d55ff956d3b655de3918ac573716235b4

Scanner detections:

25 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 12:16:19 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.LoadMoney.R

856

Agnitum Outpost

PUA.Downloader

7.1.1

AhnLab V3 Security

PUP/Win32.Toolbar

2014.10.02

Avira AntiVirus

ADWARE/Adware.Gen

7.11.176.28

avast!

Win32:Webalta-Y [PUP]

140929-0

AVG

Could be an adware AdLoad

2014.0.4025

Bitdefender

Application.LoadMoney.R

1.0.20.1375

Comodo Security

Application.Win32.Webalta.GU

19678

Dr.Web

Adware.Webalta.675

9.0.1.05190

ESET NOD32

Win32/AdWare.Toolbar.Webalta.GT application

7.0.302.0

F-Prot

W32/A-60a331ce

v6.4.7.1.166

F-Secure

Application.LoadMoney.R

11.2014-02-10_5

G Data

Application.LoadMoney

14.10.24

IKARUS anti.virus

AdWare.Adload

t3scan.1.7.8.0

K7 AntiVirus

Adware

13.183.13550

Kaspersky

not-a-virus:Downloader.Win32.LMN

15.0.0.494

McAfee

PUP-FPY

5600.6990

MicroWorld eScan

Application.LoadMoney.R

15.0.0.825

NANO AntiVirus

Trojan.Win32.LMN.dejjnp

0.28.2.62440

Reason Heuristics

PUP.iDatixCorporation.g

14.10.2.5

Sophos

WebAlta Toolbar

4.98

SUPERAntiSpyware

Adware.Webalta

10325

Vba32 AntiVirus

Downloader.LMN

3.12.26.3

VIPRE Antivirus

Threat.4150696

33520

Zillya! Antivirus

Downloader.LMN.Win32.116214

2.0.0.1940

File size:

1.1 MB (1,148,688 bytes)

Digital Signature

Signed by:

iDatix Corporation

Authority:

VeriSign, Inc.

Valid from:

9/10/2012 6:00:00 AM

Valid to:

10/2/2015 5:59:59 AM

Subject:

CN=iDatix Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=iDatix Corporation, L=Clearwater, S=Florida, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

6A2BECD74BF6AAF73D2D909F5C4A93CD

File PE Metadata

Compilation timestamp:

6/20/1992 4:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:k54FiqJLc5xMtKFXucn17XLo7kNw1LfU7KTXnSeGeTzsUIipV:keJsx5Yc1DkICI7feGGzsl

Entry address:

0x840E4

Entry point:

55, 8B, EC, 83, C4, F0, B8, DC, 3E, 48, 00, E8, B8, 26, F8, FF, A1, 2C, 69, 48, 00, 8B, 00, E8, A4, 8D, FD, FF, 8B, 0D, 30, 69, 48, 00, A1, 2C, 69, 48, 00, 8B, 00, 8B, 15, A0, 23, 47, 00, E8, A4, 8D, FD, FF, 8B, 0D, 64, 67, 48, 00, A1, 2C, 69, 48, 00, 8B, 00, 8B, 15, 04, 22, 47, 00, E8, 8C, 8D, FD, FF, 8B, 0D, A8, 69, 48, 00, A1, 2C, 69, 48, 00, 8B, 00, 8B, 15, 94, 3C, 48, 00, E8, 74, 8D, FD, FF, A1, 2C, 69, 48, 00, 8B, 00, E8, E8, 8D, FD, FF, E8, 73, 01, F8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

524.5 KB (537,088 bytes)

Remove {2c121be0-9409-4d97-b5e4-7fd5c473c2da} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.