home

iceEngine.exe

ComnsoBackup Engine

Comnso Inc.

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘iceBackup Autorun’.
Publisher:
Comnso Inc.  (signed and verified)

Product:
ComnsoBackup Engine

Version:
2.05.0188

MD5:
9640e9bc03d777071139336f784d8fdd

SHA-1:
2b7a0202a558f04ce917b859a92bb77d4034c503

SHA-256:
a282a5efdbf5e10f0e6afbb0c27953c7a2161e465e5333ea80f8b9dbb36a9d7a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 2:32:14 AM UTC  (today)

File size:
269 KB (275,456 bytes)

Product version:
2.05.0188

Copyright:
Comnso Inc. http://www.comnso.com

Original file name:
iceEngine.exe

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\Program Files\comnso\comnsobackup\iceengine.exe

Digital Signature
Signed by:
Comnso Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/27/2008 11:24:42 PM

Valid to:
4/27/2009 11:24:42 PM

Subject:
CN=Comnso Inc., OU=Software Development Department, O=Comnso Inc., L=Guro-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
76DAF63CF79BB6FF5357001FB6247F6A

File PE Metadata
Compilation timestamp:
2/5/2009 12:35:08 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x6800

Entry point:
B8, 90, B8, 50, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, CD, 80, 80, 40, 3D, AF, 2F, 92, 82, 86, BE, 97, FE, CD, 0C, AD, C0, AA, E7, 6E, 36, 63, 5E, 7E, 38, 7E, 34, 59, 23, 37, AC, 8D, D3, AC, 28, 17, 78, 03, B3, A3, 59, 29, 7C, 36, 5D, C9, A4, D6, E1, CF, 22, 61, 8D, AD, 8B, 45, F8, EC, 48, 73, B2, 50, 10, F6, 20, 8F, 58, CA, 40, BE, A8, 87, B0, 8D, 07, AC, 17, BD, 96, 01, DD, 5D, B8, ED, 1E, 20, DA, 01, F9, 83, A2, F9, AF...
 
[+]

Entropy:
7.9862

Packer / compiler:
PECompact v2

Code size:
1 MB (1,060,864 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
iceBackup Autorun

Command:
C:\Program Files\comnso\comnsobackup\iceengine.exe \boot


Scan iceEngine.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.