home

icevRestore.exe

ComnsoBackup Restore

Comnso Inc.

This file is installed with the program ComnsoBackup.
Publisher:
Comnso Inc.  (signed and verified)

Product:
ComnsoBackup Restore

Version:
2.05.0066

MD5:
b36931df8f7a175447f243f302acafce

SHA-1:
d0d8ecf3b69720d69af1de7234b2270a5537e04c

SHA-256:
e9276b2bc5202a26d57281e6d62fcf77ea6e8df0b7a99f0fbe691c0b118dc353

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 3:43:44 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Dr.Web
Trojan.VbCrypt.250
9.0.1.0181

File size:
51.5 KB (52,736 bytes)

Product version:
2.05.0066

Copyright:
Comnso Inc. http://www.comnso.com

Original file name:
icevRestore.exe

File type:
Executable application (Win32 EXE)

Language:
Koreanisch

Common path:
C:\Program Files\comnso\comnsorestore\icevrestore.exe

Digital Signature
Signed by:
Comnso Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/22/2009 3:22:24 AM

Valid to:
4/28/2010 8:24:42 AM

Subject:
CN=Comnso Inc., OU=Software Development Department, O=Comnso Inc., L=Guro-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
41730CE474D47D26CBC7287644AD0C65

File PE Metadata
Compilation timestamp:
11/11/2009 3:48:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:tT/NiW4P5OZWvQXEJW/yDquLd/z+qDgSqn4i:tTNQ5OZWvQXEfDquLdKugSqnX

Entry address:
0x25FC

Entry point:
B8, 04, A8, 42, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 68, E6, A5, 06, 29, 26, F1, BB, 61, 08, 1E, 86, 52, 21, FE, 2B, E5, D6, 70, 21, EE, 07, 96, 06, E1, E2, 42, 55, F3, 21, 5A, 49, CF, 5A, 77, DD, 02, 8F, 2A, EA, 6F, 95, DD, 21, E2, 17, 96, EA, E0, 68, 38, 69, DC, F2, 9A, 94, FD, 6D, 1F, C0, 0F, 68, CA, 2B, 40, 31, D8, 87, 1C, E1, A4, 23, C1, B4, 49, 7F, 55, 26, BF, 2E, 3D, 5A, E2, D8, 90, 06, 47, 4B, E6, 55, 70, AB, 21...
 
[+]

Packer / compiler:
PECompact v2

Code size:
148 KB (151,552 bytes)

The file icevRestore.exe has been discovered within the following program.

ComnsoBackup  by Comnso Inc.
www.comnso.com
About 5% of users remove it
 
Powered by Should I Remove It?

Scan icevRestore.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.