» ic-0.5e84c718d0a8cc.exe
Overview
Analysis
File Details

ic-0.5e84c718d0a8cc.exe

Headlight Software, Inc.

The application ic-0.5e84c718d0a8cc.exe, “Change Settings that need Admun Privileges” has been detected as a potentially unwanted program by 7 anti-malware scanners.

File name:

Publisher:

Headlight Software, Inc.

Description:

Change Settings that need Admun Privileges

Version:

1.0.6.5

MD5:

a14c35bd9dda3ec464fd28ae455042c5

SHA-1:

d02954e93c6e9f6e0ddd202021e0ce4e3bfd7c0e

SHA-256:

6acec004ba1ac819e8372f5393e91163771e9c817a0a2e613a27cbf736ab357a

Scanner detections:

7 / 68

Status:

Potentially unwanted

Analysis date:

5/28/2024 8:48:48 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Win32.Trojan.Kryptik

4.0.3.17316

Bkav FE

W32.eHeur.Malware12

1.3.0.8876

ESET NOD32

Win32/Kryptik.FPMF (variant)

11.15094

F-Prot

W32/Cerber.AJ.gen

v6.4.7.1.166

Qihoo 360 Security

HEUR/QVM20.1.0000.Malware.Gen

1.0.0.1120

Reason Heuristics

Adware.Bundler (M)

17.3.16.0

Rising Antivirus

Malware.Generic.2!tfe (thunder:2:cy5jeB2Zt7F)

23.00.65.17314

File size:

527 KB (539,648 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\ic-0.5e84c718d0a8cc.exe

File PE Metadata

Compilation timestamp:

3/16/2017 6:20:12 PM

OS version:

3.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x14B0

Entry point:

55, 8B, EC, 83, EC, 0C, E8, 45, 05, 00, 00, A1, 14, F3, 47, 00, 50, FF, 15, 90, A3, 45, 00, 8B, 0D, 14, F3, 47, 00, 51, FF, 15, 94, A3, 45, 00, 8B, 15, 14, F3, 47, 00, 52, FF, 15, 00, A4, 45, 00, FF, 15, 9C, A3, 45, 00, 68, D8, E6, 47, 00, FF, 15, A0, A3, 45, 00, FF, 15, A4, A3, 45, 00, A1, 14, F3, 47, 00, 50, FF, 15, A8, A3, 45, 00, FF, 15, AC, A3, 45, 00, 8B, 0D, 14, F3, 47, 00, 51, FF, 15, B0, A3, 45, 00, 8B, 15, 14, F3, 47, 00, 52, FF, 15, B4, A3, 45, 00, A1, 14, F3, 47, 00, 50, FF, 15, B8, A3, 45, 00... 
[+]

Entropy:

4.4865

Developed / compiled with:

Microsoft Visual C++

Code size:

354.5 KB (363,008 bytes)

Remove ic-0.5e84c718d0a8cc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.