» idimageprotector.exe
Overview
Analysis
File Details

idimageprotector.exe

ID Image Protector

Christina Mailat

The application idimageprotector.exe by Christina Mailat has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

ID Security Suite (signed by Christina Mailat)

Product:

ID Image Protector

Version:

3.5.0.0

MD5:

f344727661795501602c719386b93cb8

SHA-1:

822192317f622fd79e41feaf04104d2ea346b4ee

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 10:25:30 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Fastlink2.Installer.Optional (L)

16.9.12.17

File size:

758.2 KB (776,408 bytes)

Product version:

3.5.0.0

Original file name:

ID Image Protector

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\id security suite\id image protector\idimageprotector.exe

Digital Signature

Signed by:

Christina Mailat

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

3/26/2008 4:48:06 AM

Valid to:

3/26/2010 4:48:06 AM

Subject:

CN=Christina Mailat, OU=Fastlink2, O=Christina Mailat, L=Leverkusen, S=NRW, C=DE

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

4F994EA4A24BABD032D444472ED931A6

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:ydNl/Lx/yPtbF3+8nXJrS84KpyGlW6XSqOzq6xGJOpqfvMEv78j/HIOykG/:UtBCtS1K06W6iq70Gkpev7NZ/

Entry address:

0x1000

Entry point:

68, 01, 90, 51, 00, E8, 01, 00, 00, 00, C3, C3, C8, C9, F3, EE, 51, 6E, BA, C4, 9E, A0, 52, ED, 76, 1B, 01, D7, 9C, 6F, 72, ED, FA, 4A, 36, 6C, 25, AC, C3, 33, CA, 84, 18, 02, 58, D8, D1, 1E, 88, E4, DC, CB, 2C, F7, 8F, 3C, 04, B0, 00, C1, FE, D8, 50, 59, E2, 42, CA, 4B, 33, C2, 16, 36, FD, 51, 0B, AC, 1D, ED, B5, 57, 8D, 1D, 61, D6, 69, 86, EA, 1B, F6, 7E, 64, 0C, FC, 53, 5C, BD, 25, 75, 58, 89, 5D, 81, 63, 60, 3E, C8, ED, 85, BC, 67, 61, D8, F7, 12, AD, DE, 71, 54, 93, 08, EE, 2A, 06, 12, 89, 31, 2B, DD... 
[+]

Entropy:

7.8634

Packer / compiler:

ASProtect v1.2x (New Strain)

Code size:

687 KB (703,488 bytes)

Remove idimageprotector.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.