home

iefullinternetfr2015_user.exe

IE Fullinternet FR 2015

Application RBook-Service

The program is a setup application that uses the Inno Setup installer. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RenaultIEFullInternet’.
Publisher:
Renault DI-RCF   (signed by Application RBook-Service)

Product:
IE Fullinternet FR 2015

Description:
Application Settings IE Current User

Version:
1.3

MD5:
ec45224e6d4e9e5b23f61b7acaf60f7f

SHA-1:
4f9807f4dbcbfdba3e219324534edda1d0116d4c

SHA-256:
2e47be74ffff50707202eea01a91715b87c140db41b1b4d95ea68f0cd968e919

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 8:21:31 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
QVM06.1.Malware.Gen
1.0.0.1077

File size:
341.4 KB (349,592 bytes)

Product version:
1.3

Copyright:
(c) Renault / DI-RCF

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\Program Files\renault\iefullinternetfr2015_user.exe

Digital Signature
Signed by:
Application RBook-Service

Authority:
Renault

Valid from:
10/14/2014 11:13:52 AM

Valid to:
11/8/2024 11:21:20 AM

Subject:
OID.0.9.2342.19200300.100.1.1=awdcf01, CN=Application RBook-Service, OU=Renault

Issuer:
CN=Code Signing Certificates CA, O=Renault

Serial number:
10

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:K/QiQPfZOG5Vx/tDSNlxEhwumJKszM6j89+s45gepL9QNRxXLemUxmm7bFj5k4je:yQiG8G9/tDSen8KszMX914KGL9uRxXLX

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RenaultIEFullInternet

Command:
C:\Program Files\renault\iefullinternetfr2015_user.exe \silent


Scan iefullinternetfr2015_user.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.