home

f_000044

herdProtect Anti-Malware Scanner

Reason Company Software Inc.

Warning, this is an unsigned version of herdProtect and might be compromised. If you have this version on your PC please remove it and install a legitimate version from our website.
The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.
Publisher:
Reason Company Software Inc.

Product:
herdProtect Anti-Malware Scanner

Version:
1.0.3.9

MD5:
7dbca4054c59b472a478a1167a37ab0f

SHA-1:
a47f8ea6607000e1fd341608f6722c0a137f71a9

SHA-256:
cdc91c60be04910af496fecdf14ef541a15a314020656d5855a9a537ea254044

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/23/2024 5:16:20 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Detection.Undefined
7.0.302.0

Rising Antivirus
PE:Malware.ArcadeWeb!6.727
23.00.65.15525

File size:
2.5 MB (2,656,548 bytes)

Product version:
1.0.3.9

Copyright:
Copyright Reason Company Software Inc.

Trademarks:
herdProtect is a Trademark of Reason Company Software Inc.

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\google\chrome\user data\default\cache\f_000044

File PE Metadata
Compilation timestamp:
5/19/2013 7:52:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:j5IxrTwwfRGos57i3hg9KUhEBfrvafngImVq9O4VdU16jfUK:iXGojafgfcDzUK

Entry address:
0x30DC

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 1C, C7, 44, 24, 10, 90, 91, 40, 00, 89, 5C, 24, 18, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 08, A3, 78, 3F, 42, 00, E8, 6E, 2D, 00, 00, A3, C4, 3E, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, 80, F4, 41, 00, FF, 15, 64, 71, 40, 00, 68, 80, 91, 40, 00, 68, C0, 36, 42, 00, E8, 18, 2A, 00, 00, FF, 15, 1C, 71, 40, 00, BD, 00, 90, 42, 00, 50, 55, E8, 06, 2A...
 
[+]

Entropy:
7.9310

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

Scan f_000044 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.