» bid.exe
Overview
Analysis
File Details

bid.exe

Antibody Software Limited

File name:

bid.exe

Publisher:

Antibody Software (signed by Antibody Software Limited)

Description:

Bulk Image Downloader

Version:

3.16.0.2

MD5:

39de917ec6d1ed21b09f2ce716397bef

SHA-1:

3bffe64fc1a48dc16d28efedc9f2e45c60f8de75

SHA-256:

2a691d8c325d4d0afb964617e38cd705a05e25d82d55c36a8dc4b0f8b9ee4509

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 2:16:57 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.XPACK-HIE/Heur!1.9C48

23.00.65.151223

File size:

1.7 MB (1,756,544 bytes)

Product version:

3.16

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\bulk image downloader\bid.exe

Digital Signature

Signed by:

Antibody Software Limited

Authority:

The USERTRUST Network

Valid from:

12/1/2008 5:00:00 PM

Valid to:

12/2/2011 4:59:59 PM

Subject:

CN=Antibody Software Limited, O=Antibody Software Limited, STREET=14 Grabella Place, STREET=Papamoa Beach, L=Tauranga, S=Bay of Plenty, PostalCode=3118, C=NZ

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00C980B2B0EACCF754561DEFABD8F86C2B

File PE Metadata

Compilation timestamp:

8/7/2010 11:38:58 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:lsgACtpMcIl0EVboOgSBDpSh5RQ70JgU+wttHJ4O8dBGP:pzM1Lkgcl0CtttpgBG

Entry address:

0x3DB000

Entry point:

EB, 02, 6F, D8, 50, EB, 02, 75, E8, E8, 19, 00, 00, 00, EB, 04, 10, 0F, CF, E6, EB, 01, 23, 33, C0, EB, 04, 43, 25, 75, 3E, 71, 3A, EB, 04, 79, 35, E9, 01, EB, 02, 6B, 90, 33, C0, EB, 04, 84, 00, D4, CF, 64, FF, 30, EB, 01, 18, 64, 89, 20, EB, 03, 10, 36, 07, EB, 03, CD, 56, C9, 8B, 10, EB, 04, 53, E0, B7, 2A, 58, EB, 03, 73, 02, 4D, C3, EB, 04, 33, FF, 55, E5, EB, 01, 85, 8B, 54, 24, 0C, EB, 04, D8, 7E, 83, 2E, EB, 01, 00, EB, 04, A2, 41, D0, 73, B9, FC, FF, FF, FF, EB, 03, 57, 99, 57, 81, 82, B8, 00, 00... 
[+]

Entropy:

7.9752

Packer / compiler:

FSG v1.10 (Microsoft Visual C++ 6.0 / 7.0)

Code size:

2.8 MB (2,950,656 bytes)

Scan bid.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.