home

idsearch.exe

Sowsoft LLC

Publisher:
Sowsoft LLC  (signed and verified)

MD5:
795a93ed385809f2ecf86f6e8eb97890

SHA-1:
6663a2676302a579f738f3166fcdfdd934e65418

SHA-256:
a27d681c1158ab759a8521455c82d33639926f0d4894cf6bd2e30c6f9017484a

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 10:53:04 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.ASPack
0.98/18011

Quick Heal
(Suspicious) - DNAScan
7.14.11.00

File size:
657.4 KB (673,208 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\ids\idsearch.exe

Digital Signature
Signed by:
Sowsoft LLC

Authority:
The USERTRUST Network

Valid from:
3/23/2009 11:00:00 AM

Valid to:
3/24/2011 10:59:59 AM

Subject:
CN=Sowsoft LLC, O=Sowsoft LLC, STREET="Prospect Mira, d. 75, str. 1", L=Moscow, S=Moscow, PostalCode=129110, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
042E3AD215DF337FD2A69CD2F3F9111B

File PE Metadata
Compilation timestamp:
6/20/1992 8:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:xkXm45XBZhfwYHUb4LWwQcuNZJttCcnoffPWPCZHBS:xkXZ5Crzcetwcn6PWPCVBS

Entry address:
0x1000

Entry point:
68, 01, 60, 53, 00, E8, 01, 00, 00, 00, C3, C3, 91, 0E, 7B, 48, 1F, A3, 29, C2, F9, 99, 1D, F4, 8E, 20, E4, 27, BC, 24, 98, C9, 79, BB, 47, 50, D2, 85, BD, 22, 5E, 1C, 73, EF, 13, E7, 9E, 0F, 68, 0A, DF, 0D, 23, 04, BE, 0C, 26, 93, E5, C6, 7E, 0E, 6A, F6, 37, 8F, 32, 33, BC, 0C, 87, 27, 8D, 9A, 78, F7, 74, B7, A5, 5A, 40, BD, 80, 3A, AF, F8, 67, 9D, 9B, AB, 5A, 4F, 7D, 2A, A7, 13, 5C, 53, 0B, D8, 9A, A8, C5, 1C, 50, 43, D3, B4, 43, 61, F9, 46, 03, 8A, 5A, D8, C6, B6, B7, FB, 35, 89, 88, 66, 2E, D3, 36, D8...
 
[+]

Entropy:
7.8591

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
1009.5 KB (1,033,728 bytes)

Scan idsearch.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.