» answersbyupdateservice.exe
Overview
Analysis
File Details
Behaviors (1)

answersbyupdateservice.exe

Sutherland Global Services, Inc.

It runs as a windows Service named “AnswersBy PC SmartCare Updater”.

File name:

Publisher:

Sutherland Global Services, Inc. (signed and verified)

Description:

AnswersBy Update Exe

Version:

1.0.0.6

MD5:

ca700397c81b3654bb365fe32b992646

SHA-1:

761f5f75198496f77ded008496f85558514849f4

SHA-256:

28e933895830d363138fdeb1f612d16f69dd65795e79b9dabd232cfab1b2a90f

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/5/2024 10:53:06 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Win32.Trojan.WisdomEyes.16070401.9500

4.0.3.1733

Qihoo 360 Security

HEUR/QVM05.1.0000.Malware.Gen

1.0.0.1120

File size:

3.2 MB (3,388,840 bytes)

Product version:

2.0

Original file name:

AnswersByUpdateService

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\answersby pc smartcare\answersbyupdateservice.exe

Digital Signature

Signed by:

Sutherland Global Services, Inc.

Authority:

Symantec Corporation

Valid from:

2/3/2016 7:00:00 PM

Valid to:

9/27/2017 7:59:59 PM

Subject:

CN="Sutherland Global Services, Inc.", O="Sutherland Global Services, Inc.", L=Rochester, S=New York, C=US

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

0AA0388C35B76762BB7260AFE2D23118

File PE Metadata

Compilation timestamp:

2/21/2017 8:37:56 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x2E16D0

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, AC, 89, 6C, 00, E8, 8B, E2, D2, FF, A1, 18, 7F, 6E, 00, 8B, 00, 80, 78, 40, 00, 74, 10, A1, 18, 7F, 6E, 00, 8B, 00, E8, DE, A2, F1, FF, 84, C0, 74, 0C, A1, 18, 7F, 6E, 00, 8B, 00, 8B, 10, FF, 52, 44, 8B, 0D, AC, 7D, 6E, 00, A1, 18, 7F, 6E, 00, 8B, 00, 8B, 15, 88, 11, 6C, 00, 8B, 18, FF, 53, 40, A1, 18, 7F, 6E, 00, 8B, 00, 8B, 10, FF, 52, 48, 5B, E8, BC, 88, D2, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6051

Developed / compiled with:

Microsoft Visual C++

Code size:

2.9 MB (3,014,144 bytes)

Service

Display name:

AnswersBy PC SmartCare Updater

Service name:

AnswersByDownloadService

Type:

Win32OwnProcess, InteractiveProcess

Scan answersbyupdateservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.