» 89e23b6c4c56b9cdca8700b8511151567906077a
Overview
Analysis
File Details

89e23b6c4c56b9cdca8700b8511151567906077a

herdProtect Anti-Malware Scanner

Reason Company Software Inc.

Warning, this is an unsigned version of herdProtect and might be compromised. If you have this version on your PC please remove it and install a legitimate version from our website.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is installed within the Mozilla Firefox web browser as part of an addin/plugin.

File name:

89e23b6c4c56b9cdca8700b8511151567906077a

Publisher:

Reason Company Software Inc.

Product:

herdProtect Anti-Malware Scanner

Version:

1.0.3.9

MD5:

f1f34134a8a6e5464bbb16bcfb641cf8

SHA-1:

368dfb0c4ce503a266851305e767fcdec91ad505

SHA-256:

678869b205d8b835de41bd4724ba9324864361dcf0fa9d0b41dec4ff06c504c2

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/25/2024 5:13:26 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Detection.Undefined

7.0.302.0

Rising Antivirus

PE:Malware.ArcadeWeb!6.727

23.00.65.141219

File size:

707.9 KB (724,847 bytes)

Product version:

1.0.3.9

Trademarks:

herdProtect is a Trademark of Reason Company Software Inc.

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\mozilla\firefox\profiles\{user}.default\cache2\entries\89e23b6c4c56b9cdca8700b8511151567906077a

File PE Metadata

Compilation timestamp:

5/20/2013 2:52:51 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:QqDDV4Cgiq7iojrnsV2o0urCS9i1IHR6WHBjSwOV4b9u9epqfnDqrteXHma5jTqw:jDV4D7djrns4vuVKsWn4pu9AqfDqUXGc

Entry address:

0x30DC

Entry point:

81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 1C, C7, 44, 24, 10, 90, 91, 40, 00, 89, 5C, 24, 18, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 08, A3, 78, 3F, 42, 00, E8, 6E, 2D, 00, 00, A3, C4, 3E, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, 80, F4, 41, 00, FF, 15, 64, 71, 40, 00, 68, 80, 91, 40, 00, 68, C0, 36, 42, 00, E8, 18, 2A, 00, 00, FF, 15, 1C, 71, 40, 00, BD, 00, 90, 42, 00, 50, 55, E8, 06, 2A... 
[+]

Entropy:

7.5427

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Scan 89e23b6c4c56b9cdca8700b8511151567906077a - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.