» idsecuritysuiteupdater.exe
Overview
Analysis
File Details

idsecuritysuiteupdater.exe

ID Security Suite

Cristina Mailat

The executable idsecuritysuiteupdater.exe, “ID Security Suite Updater” has been detected as malware by 7 anti-virus scanners.

File name:

Publisher:

Fastlink2 (signed by Cristina Mailat)

Product:

ID Security Suite

Description:

ID Security Suite Updater

Version:

1.2.0.0

MD5:

1fc67811c84b5c9fb0624880b3e15e23

SHA-1:

ee4afc559a34a65268dd83f9217294237e2c88fb

Scanner detections:

7 / 68

Status:

Malware

Analysis date:

4/19/2024 5:11:41 AM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

UnclassifiedMalware

9744

ESET NOD32

Win32/Spy.Agent.DDVHKUT (variant)

8.6377

McAfee

Spyware-IDSecuritySuite

5600.7226

Norman

W32/Suspicious_Gen2.UQIF

11.20140207

Rising Antivirus

Trojan.Win32.Generic.12789301

23.00.65.14205

Sophos

ID Computer Spy

4.67

VIPRE Antivirus

Spyware.IncredibleKey

10162

File size:

979.4 KB (1,002,952 bytes)

Product version:

1.2.0.0

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\id security suite\idsecuritysuiteupdater.exe

Digital Signature

Signed by:

Cristina Mailat

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

2/28/2007 4:03:52 PM

Valid to:

2/28/2008 4:03:52 PM

Subject:

CN=Cristina Mailat, OU=Fastlink2, O=Cristina Mailat, L=Leverkusen, S=NRW, C=DE

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

2B9F5FFDF31736A6BD504B4D0E734A58

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:oQGBE8cQ8SRwjx8zlSrYjGA3LVDvmDJWpdhoFtrVc7uJQRyUscT5E:/Gi8TwjxUV7VihFtQuCnscT5

Entry address:

0xB154C

Entry point:

55, 8B, EC, 83, C4, F0, B8, 34, 12, 4B, 00, E8, 70, 55, F5, FF, A1, E8, 38, 4B, 00, 8B, 00, E8, E8, EB, FB, FF, A1, E8, 38, 4B, 00, 8B, 00, BA, AC, 15, 4B, 00, E8, BF, E7, FB, FF, 8B, 0D, 24, 38, 4B, 00, A1, E8, 38, 4B, 00, 8B, 00, 8B, 15, 74, F5, 4A, 00, E8, D7, EB, FB, FF, A1, E8, 38, 4B, 00, 8B, 00, E8, 4B, EC, FB, FF, E8, 7A, 2F, F5, FF, 00, 00, FF, FF, FF, FF, 19, 00, 00, 00, 49, 44, 20, 53, 65, 63, 75, 72, 69, 74, 79, 20, 53, 75, 69, 74, 65, 20, 55, 70, 64, 61, 74, 65, 72, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

705.5 KB (722,432 bytes)

Remove idsecuritysuiteupdater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.