home

ida_fullsetup.exe

Queen's University

This is a self-extracting archive and installer. The file has been seen being downloaded from ida.its.queensu.ca.
Publisher:
Queen's University - ITServices  (signed by Queen's University)

Description:
Ida

Version:
2.1.0.51

MD5:
1865deec1bf5d264cf8ea433b8db3571

SHA-1:
c0cafe51d2e8db66b81bdbec131a9ed279f23eee

SHA-256:
527f95b1bc94e04c50354e2ad3d1281beed3ee8da6fe2a82f31bce9c95f5a112

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:01:35 PM UTC  (today)

File size:
27.5 MB (28,846,928 bytes)

Copyright:
Queen's University - ITServices

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\ida_fullsetup.exe

Digital Signature
Signed by:
Queen's University

Authority:
The USERTRUST Network

Valid from:
5/16/2011 8:00:00 PM

Valid to:
5/16/2014 7:59:59 PM

Subject:
CN=Queen's University, OU=IT Services, O=Queen's University, STREET=99 University Ave., L=Kingston, S=Ontario, PostalCode=K7L 3N6, C=CA

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
0833DBA7D3E39B1D06CED600B910D78C

File PE Metadata
Compilation timestamp:
11/20/2007 4:52:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
786432:iTaatfGgLg+ACOJe7ok4/loBQurxPvZw6G2BkjU:sQ+ACGrk4WLHZw61Bko

Entry address:
0x4387

Entry point:
55, 8D, 6C, 24, 88, 81, EC, 7C, 0F, 00, 00, 53, 56, 57, 33, FF, 68, 00, 01, 00, 00, 57, 89, 7D, 14, 89, 7D, FC, 89, 7D, F4, FF, 15, F8, 80, 40, 00, 6A, 04, 89, 45, 70, FF, 15, 24, 81, 40, 00, 89, 7D, 00, 89, 7D, F8, 89, 7D, 18, 89, 7D, F0, 89, 7D, 0C, 89, 7D, 04, 89, 7D, 08, 89, 7D, 40, 89, 7D, 1C, 89, 7D, 24, 89, 7D, 20, FF, 15, B8, 80, 40, 00, 8B, F0, 8A, 06, 3C, 22, 89, 75, 50, 75, 24, EB, 04, 3C, 22, 74, 0E, 46, 8A, 06, 84, C0, 89, 75, 50, 75, F2, 3C, 22, 75, 14, 46, 89, 75, 50, EB, 0E, 3C, 20, 74, 0F...
 
[+]

Entropy:
7.9956  (probably packed)

Code size:
24.5 KB (25,088 bytes)

The file ida_fullsetup.exe has been seen being distributed by the following URL.

http://ida.its.queensu.ca/download/.../Ida_FullSetup.exe

Scan ida_fullsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.