idrecordstudio.exe

ID Record Studio

Christina Mailat

The application idrecordstudio.exe by Christina Mailat has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Fastlink2 (signed by Christina Mailat)

Product:
ID Record Studio

Version:
3.5.0.0

MD5:
c399f9e1db80411b04aba02f4a963a15

SHA-1:
44f00870245fb5bc30fbd9107749ae5ae2a556cd

SHA-256:
38f25bc8ad6232ad741c0586ade0b2562dff866ddd79aadf6d8727346ecd11f2

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 5:35:14 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Fastlink2.Installer.Optional (L)

Engine version:
16.7.29.10

File size:
878.2 KB (899,280 bytes)

Product version:
3.5.0.0

Copyright:
Copyright © Fastlink2

Original file name:
ID Record Studio

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\id security suite\id record studio\idrecordstudio.exe

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/26/2008 4:18:06 PM

Valid to:
3/26/2010 4:18:06 PM

Subject:
CN=Christina Mailat, OU=Fastlink2, O=Christina Mailat, L=Leverkusen, S=NRW, C=DE

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
4F994EA4A24BABD032D444472ED931A6

File PE Metadata
Compilation timestamp:
6/20/1992 2:52:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:C1Op+ctj9P+JLn8AQ1TRQ5u4il17cCMm6atuZWYmdyq6xGJOpq1IP4iV0vwgEvtR:CEhN+t8lK5JIcCL6Aug7Z0Gkp0w7bk4

Entry address:
0x1000

Entry point:
68, 01, E0, 57, 00, E8, 01, 00, 00, 00, C3, C3, 11, E6, 9C, DE, D3, 74, E5, AD, 98, 77, 98, AE, CB, 2E, 0E, 98, 41, 61, 31, AF, 33, CF, 79, CB, BB, 07, 73, 62, D6, 1A, 5D, 07, 75, FD, 58, BD, 27, 1C, B8, 92, 89, 78, F1, EE, B8, E3, 96, 80, DC, 6A, 90, DD, CB, 1E, 25, F8, 8D, FB, 35, 99, 2C, 92, F7, DC, CE, 72, B0, 19, 3D, 13, 68, 92, C1, 66, F7, C7, 02, 3A, 62, 97, 60, B7, B7, E4, 70, E3, 9A, 6F, 09, 4E, 1D, D4, 38, 28, 47, 04, 03, E7, E1, 8D, 4B, 7C, CE, 52, 68, EE, 2D, 05, 79, 67, E6, 81, 5F, 02, 69, F9...
 

Entropy:
7.8811

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
861.5 KB (882,176 bytes)
