home

iase.exe

InstallAnywhere

Zero G Software, Inc.

This is a self-extracting archive and installer. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from jr.letertre.free.fr.
Publisher:
Zero G Software, Inc.

Product:
InstallAnywhere

Description:
InstallAnywhere Self Extractor

Version:
5, 0, 0, 0

MD5:
a156c608625bf4dc4d32f043935054a8

SHA-1:
aec73c212b086659d323fac25723fc537fa5e606

SHA-256:
12516ed427b7fbe1c5af7e0c7382350cb78bcfba8619a090e473473bf648757b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/24/2024 5:46:44 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Win32.Ipamor
8.13.12.29.06

File size:
30.3 MB (31,809,226 bytes)

Product version:
5, 0, 0, 0

Copyright:
Copyright © 1998-2002

Original file name:
iase.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\iase.exe

File PE Metadata
Compilation timestamp:
9/21/2001 8:50:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:tUByEhUSHFSyiWbruCHRjij+QFhHmUjZw1qS5B5vwfu3T1EFj7KkRThGR1ilTru6:tUByExFAWnvHpiyQFs1z5vw/Fz1sXByn

Entry address:
0x48608

Entry point:
83, 3D, F4, 30, 44, 00, 00, 55, 8B, EC, 56, 57, 75, 6B, 68, 00, 01, 00, 00, E8, 94, 0A, 00, 00, 83, C4, 04, 8B, 75, 08, A3, F4, 30, 44, 00, 85, F6, 74, 23, 83, 7D, 0C, 03, 77, 1D, 68, FF, 00, 00, 00, 50, 56, FF, 15, C0, 62, 44, 00, 85, C0, 74, 0C, C7, 05, DC, 56, 44, 00, 01, 00, 00, 00, EB, 32, 33, FF, 57, 89, 3D, DC, 56, 44, 00, FF, 15, DC, 62, 44, 00, 8B, F0, 68, FF, 00, 00, 00, A1, F4, 30, 44, 00, 89, 7D, 10, C7, 45, 0C, 01, 00, 00, 00, 50, 56, FF, 15, C0, 62, 44, 00, EB, 03, 8B, 75, 08, E8, 77, E9, FF...
 
[+]

Entropy:
7.9989  (probably packed)

Code size:
12.5 KB (12,800 bytes)

Scheduled Task
Task name:
{ECE93451-9B35-4DB1-8F49-474B8F894E8E}

Trigger:
Registration (Runs on registration)


The file iase.exe has been seen being distributed by the following URL.

http://jr.letertre.free.fr/.../flexi_point_setup_fr.exe

Scan iase.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.