home

icevRestore.exe

ComnsoBackup Restore

Comnso Inc.

This file is installed with the program ComnsoBackup.
Publisher:
Comnso Inc.  (signed and verified)

Product:
ComnsoBackup Restore

Version:
2.05.0065

MD5:
c4ad0426d6d2006e98246f6d2cb05cb5

SHA-1:
f052bea29051ec2b47479ea47bcd61d59452a1fa

SHA-256:
f30bc94519d9ca1de770a759e1f56ed9ddb366c52e4907c522a61c48d276f97f

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/27/2024 12:12:33 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

Dr.Web
Trojan.VbCrypt.250
9.0.1.0318

File size:
51.5 KB (52,736 bytes)

Product version:
2.05.0065

Copyright:
Comnso Inc. http://www.comnso.com

Original file name:
icevRestore.exe

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\Program Files\comnso\comnsorestore\icevrestore.exe

Digital Signature
Signed by:
Comnso Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/21/2009 8:22:24 PM

Valid to:
4/28/2010 1:24:42 AM

Subject:
CN=Comnso Inc., OU=Software Development Department, O=Comnso Inc., L=Guro-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
41730CE474D47D26CBC7287644AD0C65

File PE Metadata
Compilation timestamp:
7/2/2009 5:53:54 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:t5/NHvUIjrxACk6Dp751XUVGyjNnwmTR6fHlQi6Mm00R1TI6Xn4LnY:t5/NHv3FA3UBDXUDn6Hv0fTIwn4c

Entry address:
0x25FC

Entry point:
B8, 04, A8, 42, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 02, 44, 0C, 18, 58, FF, AD, C9, FB, 24, 3D, 66, F6, 8A, 88, C5, DC, C3, 33, 7A, B6, 5E, 0E, AB, CB, C7, 44, 2E, 0F, 4F, 76, 8B, 30, 15, 3C, 54, 3F, 12, 3A, 27, 0C, AF, 53, 6D, BB, 5F, 39, 12, 98, F6, 6E, 77, D1, DA, A4, 05, 78, 8A, 80, A8, E8, C3, B1, 70, ED, C6, 58, E3, 12, C9, 5F, 84, 5F, 94, 2B, FE, 9F, 22, 3C, 41, 5E, 07, 91, 3B, 99, 3B, 5A, 4E, E2, 83, DE, 17, 88...
 
[+]

Entropy:
7.8236

Packer / compiler:
PECompact v2

Code size:
148 KB (151,552 bytes)

The file icevRestore.exe has been discovered within the following program.

ComnsoBackup  by Comnso Inc.
www.comnso.com
About 5% of users remove it
 
Powered by Should I Remove It?

Scan icevRestore.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.