home

BIB.exe

Business-in-a-Box Application

BizTree Inc.

Publisher:
BizTree Inc.  (signed and verified)

Product:
Business-in-a-Box Application

Version:
4, 0, 14, 0

MD5:
bf41c8fffc779f4b1ea83a50e172b5b9

SHA-1:
8288944eaa86d95d0cace90976f423d6c98ccab6

SHA-256:
79e8401b59004c37f461c641dd227205ef0fcd559bc59072b84bf75322ac0621

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/5/2024 5:01:10 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft A-Squared
Trojan.Crypt!IK
4.5.0.43

F-Secure
Suspicious:W32/Riskware!Online
11.2016-14-07_5

IKARUS anti.virus
Trojan.Crypt
t3scan.1.1.79.0

File size:
1.6 MB (1,632,472 bytes)

Product version:
4, 0, 14, 0

Copyright:
Copyright (C) 2008

Original file name:
BIB.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
BizTree Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/12/2008 4:00:00 AM

Valid to:
5/10/2009 3:59:59 AM

Subject:
CN=BizTree Inc., OU=ENVISION SBS, O=BizTree Inc., L=Montreal, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
46D7919F4F09A93F9C0C4208C2D47F8D

File PE Metadata
Compilation timestamp:
3/24/2008 10:50:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:GI4W4mwErhKQWbrM4DHhrAgTV7wH6X7QEraSJEmQ7s34OMnWSjEVghewXVo:GI4W4aJW1H9AKdwoQErbO7srMnWVuw

Entry address:
0x47444B

Entry point:
E8, 3B, FF, FF, FF, 05, 57, 54, 00, 00, FF, E0, E8, 2F, FF, FF, FF, 05, 86, 67, 00, 00, FF, E0, E8, 51, 02, 00, 00, 50, 93, 86, 00, 40, 18, A7, 91, 1D, 03, 03, 03, 03, 4B, 14, 9A, 35, 3D, 55, 66, 78, 0E, 01, 8B, 8D, 01, D7, 3A, 11, 56, 30, 93, 6D, 2B, AA, 41, 1C, 22, B8, 06, 2A, FE, F0, 00, 17, 17, 06, E8, 8A, 94, 10, 43, 0F, 5C, 22, 0B, 03, 39, 08, 7A, ED, 38, 5A, 60, 96, 4E, 1F, 2B, 34, 9D, 5A, B2, 08, 69, 2A, 16, A2, C7, 1B, DA, 69, A1, 73, 0D, 76, 1E, 0C, 2C, 73, 6B, 0D, 30, 3F, 47, 1D, 29, 2D, 32, 92...
 
[+]

Entropy:
7.9211  (probably packed)

Code size:
520 KB (532,480 bytes)

Scan BIB.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.