» imf.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (2)

imf.exe

IObit Malware Fighter

IObit Information Technology

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IObit Malware Fighter’. This file is installed with multiple programs including IObit Malware Fighter 3 and IObit Malware Fighter.

File name:

imf.exe

Publisher:

IObit (signed by IObit Information Technology)

Product:

IObit Malware Fighter

Version:

2.3.0.13

MD5:

1bdab8a2ad5080027dda901465803bd7

SHA-1:

a2867e1c230e59c35d18a92de3b3dc7140759c0d

SHA-256:

fa4d2148f0322d875d267064b8b1e98f2fa53e909a734d833cacad1bdf3126ec

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/28/2024 4:58:10 AM UTC (today)

Scan engine

Detection

Engine version

Emsisoft Anti-Malware

Gen:Heur.SEPhish

8.14.03.03.12

File size:

1.5 MB (1,592,640 bytes)

Product version:

2.0.0.0

Trademarks:

IObit.com

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\iobit\iobit malware fighter\imf.exe

Digital Signature

Signed by:

IObit Information Technology

Authority:

VeriSign, Inc.

Valid from:

1/14/2013 7:00:00 PM

Valid to:

2/14/2016 6:59:59 PM

Subject:

CN=IObit Information Technology, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IObit Information Technology, L=Chengdu, S=Sichuan, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

11CADAF29DA4C3CB113BF1877B120103

File PE Metadata

Compilation timestamp:

2/26/2014 9:20:11 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:IRXXjnEzUrs8hy0LQpgVkA1BXSWZGgYk/TK+u/sDTc93YEn:7UY4VfxBxT9bD49IEn

Entry address:

0xF0CA8

Entry point:

55, 8B, EC, 81, C4, C8, FE, FF, FF, 33, C0, 89, 85, CC, FE, FF, FF, 89, 85, C8, FE, FF, FF, 89, 85, D0, FE, FF, FF, 89, 85, D4, FE, FF, FF, 89, 45, EC, B8, AC, E6, 4E, 00, E8, 24, 08, F1, FF, 33, C0, 55, 68, 43, 11, 4F, 00, 64, FF, 30, 64, 89, 20, B8, 5C, 11, 4F, 00, E8, B0, E9, F4, FF, 84, C0, 74, 2E, C7, 05, 5C, EA, 4F, 00, 88, 13, 00, 00, E8, 71, 0A, F1, FF, 25, FF, 00, 00, 00, 83, F8, 05, 75, 0A, C7, 05, 5C, EA, 4F, 00, 20, 4E, 00, 00, A1, 5C, EA, 4F, 00, 50, E8, 42, 1A, F1, FF, B8, 80, 11, 4F, 00, E8... 
[+]

Entropy:

6.4679

Developed / compiled with:

Microsoft Visual C++

Code size:

961.5 KB (984,576 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

IObit Malware Fighter

Command:

"C:\Program Files\iobit\iobit malware fighter\imf.exe" \autostart

The file imf.exe has been discovered within the following programs.

IObit Malware Fighter by IObit

Publisher's description - “IObit Malware Fighter is an advanced malware & spyware removal utility that detects, removes the deepest infections, and protects your PC from various potential spyware, adware, trojans, keyloggers, bots, worms, and hijackers.”

www.iobit.com/malware-fighter.html

22% remove it

IObit Malware Fighter 3 by IObit

Publisher's description - “With unique "Dual-Core" anti-malware engine, IObit Malware Fighter is able to detect and remove various kinds of malware, like spyware, adware, trojans, keyloggers, bots, worms, and hijackers, ensuring you a safer PC.”

www.IObit.com

52% remove it

Scan imf.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.