home

iewindow.exe

iewindow

Sen News Company Limited

The application iewindow.exe by Sen News Company Limited has been detected as a potentially unwanted program by 10 anti-malware scanners.
Publisher:
netimo  (signed by Sen News Company Limited)

Product:
iewindow

Version:
1.00.0821

MD5:
e8ef91930c552b3a47486bd79f3f4a35

SHA-1:
ec32c5efbe829ef7c6224d4b3097842877b2e8f3

SHA-256:
609bdd2847c6a9aa842a2649c566861ffa638d7710c368967565215f5a95413b

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 2:59:54 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.URLHelper
2013.06.25

Bitdefender
Gen:Variant.Symmi.3358
1.0.20.1180

Comodo Security
UnclassifiedMalware
16490

Emsisoft Anti-Malware
Gen:Variant.Symmi.3358
8.14.08.24.01

F-Secure
Gen:Variant.Symmi.3358
11.2014-24-08_1

G Data
Gen:Variant.Symmi.3358
14.8.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.3.0

Malwarebytes
PUP.URLHelper
v2014.08.24.01

Trend Micro House Call
TROJ_GEN.F47V0723
7.2.236

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
19016

File size:
411 KB (420,848 bytes)

Product version:
1.00.0821

Original file name:
iewindow.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\estsoft\alyac\tmparc\iewindow.exe

Digital Signature
Signed by:
Sen News Company Limited

Authority:
Thawte, Inc.

Valid from:
1/30/2012 9:00:00 AM

Valid to:
1/30/2014 8:59:59 AM

Subject:
CN=Sen News Company Limited, O=Sen News Company Limited, L=Mapo-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
732056471DEDE78458D6CF97A81B8B50

File PE Metadata
Compilation timestamp:
5/12/2012 4:15:56 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:zE+wy5i+axnOwjxC35RypTE/2byxXOeNU73ZL1q6/YSKq:zsyWxtxvtEuopNU73ZL1eS

Entry address:
0x620C

Entry point:
68, 70, 67, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 63, A1, 9A, 6E, 3F, D8, DF, 42, 87, 29, D2, 65, BE, 71, 20, DC, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 69, 65, 77, 69, 6E, 64, 6F, 77, 00, 30, 34, 36, 7D, 23, 32, 2E, 00, 23, 30, 23, 43, 3A, 5C, 57, 00, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 06, 00, 00, 00, A5, F8, BE, 2D, E4, 25, 74, 46, 95, 56, E8, 7E, BD, EA, 83, 3B, 01, 00, 00, 00, A0, 00, 00, 00...
 
[+]

Entropy:
5.9021

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
388 KB (397,312 bytes)

Remove iewindow.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.