» ic3.exe
Overview
Analysis
File Details

ic3.exe

Bolide Software

File name:

ic3.exe

Publisher:

Bolide Software (signed and verified)

MD5:

2813f4363866a50581f80c66e2e7f4b4

SHA-1:

2960d4663667c451d8d6ca1c899e8019d7d99ec0

SHA-256:

c21bf23050d7b82f0ae9ec8a1b33e099a691553171396850278886766475f210

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/29/2024 4:31:36 PM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

Heur.Suspicious

20170

Rising Antivirus

PE:Malware.XPACK-HIE/Heur!1.9C48

23.00.65.15608

File size:

1.7 MB (1,737,928 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\imagecomparer\ic3.exe

Digital Signature

Signed by:

Bolide Software

Authority:

The USERTRUST Network

Valid from:

12/2/2007 11:00:00 AM

Valid to:

12/2/2008 10:59:59 AM

Subject:

CN=Bolide Software, OU=Maxim Smirnov, O=Bolide Software, STREET=Astrahanskaya 175/15-53, L=Tambov, S=RU, PostalCode=392005, C=RU

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

231E50BC705CFCF486DF352A14465FAC

File PE Metadata

Compilation timestamp:

6/20/1992 8:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:OSaEc2WOUfoDktcOqz70lboYP9X91cA5KJLum4:OSaIWOUfykpqno9P9QA5KJ74

Entry address:

0x442000

Entry point:

EB, 03, 17, 0F, CC, E8, 2A, 00, 00, 00, EB, 04, 4F, 7B, 37, 5E, EB, 03, EC, EC, A2, 8B, 54, 24, 0C, EB, 04, 53, 0E, 3B, B2, 83, 82, B8, 00, 00, 00, 25, EB, 03, 88, 38, 68, 33, C0, EB, 01, 4C, C3, EB, 01, 00, EB, 01, CB, 64, 67, FF, 36, 00, 00, EB, 04, 7A, 54, D2, D3, 64, 67, 89, 26, 00, 00, EB, 03, F6, EA, C8, EB, 04, F5, A5, EC, 2A, 50, EB, 02, FF, B4, 33, C0, EB, 01, 4F, 8B, 00, EB, 03, A1, B4, CA, C3, EB, 03, 14, 72, BE, E9, FA, 00, 00, 00, EB, 02, 8E, 3C, E8, D5, FF, FF, FF, EB, 03, 16, 83, 3E, EB, 03... 
[+]

Entropy:

7.9784 (probably packed)

Code size:

2.7 MB (2,821,632 bytes)

Scan ic3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.