home

i4Tools.exe

爱思助手 6.0

深圳市为爱普信息技术有限公司

This is a setup program which is used to install the application. The file has been seen being downloaded from 10.187.70.15 and multiple other hosts.
Publisher:
深圳市为爱普信息技术有限公司  (signed and verified)

Product:
爱思助手 6.0

Version:
6.1.8.0

MD5:
cb77594adb8d24166d28abb681936445

SHA-1:
a2613d570cab96d3da3593a56481db421d4d34cd

SHA-256:
b36a743b9bfa09082c973ba14d26c5eef3c35a2364e6207eb699863848841df6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/18/2024 10:23:54 PM UTC  (today)

File size:
9.4 MB (9,874,800 bytes)

Product version:
6.1.8.0

Copyright:
Copyright (C) 2015

Original file name:
i4Tools.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\Program Files\i4tools6\i4tools.exe

Digital Signature
Signed by:
深圳市为爱普信息技术有限公司

Authority:
GlobalSign nv-sa

Valid from:
2/26/2016 8:20:32 AM

Valid to:
6/20/2016 10:09:33 AM

Subject:
CN=深圳市为爱普信息技术有限公司, OU=IT Dept., O=深圳市为爱普信息技术有限公司, L=Shenzhen, S=Guangdong, C=CN

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121489EB7D6639A5B0CB949A9C319C024FE

File PE Metadata
Compilation timestamp:
6/15/2016 12:23:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:fzHgY0Jx6W2smatN7qPvIfbe7sXv3B+qb1v:fzgLtJF0PvIff3B+qbp

Entry address:
0x3B1780

Entry point:
E8, 65, 05, 00, 00, E9, 1C, FD, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 28, 39, C9, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 28, 39, C9, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Code size:
4.2 MB (4,414,976 bytes)

The file i4Tools.exe has been seen being distributed by the following 2 URLs.

http://10.187.70.15/smarticloud-webcache-storages1/d.updater.i4.cn/i4toolupdate6/i4tools/.../CB77594ADB8D24166D28ABB681936445.exe

http://d.updater.i4.cn/i4toolupdate6/i4tools/.../CB77594ADB8D24166D28ABB681936445.exe

Scan i4Tools.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.