» insteelm2.exe
Overview
Analysis
File Details
Programs (1)

insteelm2.exe

Robin Hood Software Ltd

The program is a setup application that uses the Wise Installer installer. This file is installed with the program Evidence Eliminator.

File name:

insteelm2.exe

Publisher:

Robin Hood Software Ltd. (signed by Robin Hood Software Ltd)

Description:

Evidence Eliminator v6.0

Version:

6.0

MD5:

0252e71089addb4adff567a7b1fb79ac

SHA-1:

fdd7ce6c2e3a3635eb8d52d7e24deb68e729d523

SHA-256:

4e97abeb81595a0ee108cc8b0b3b4025e38343b29fce58c3725bd923a32d20a7

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 10:20:55 AM UTC (today)

Scan engine

Detection

Engine version

Norman

Suspicious_Gen4.EJQUG

11.20140406

File size:

9 MB (9,456,904 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Wise Installer

Language:

English (United States)

Common path:

C:\users\{user}\downloads\insteelm2.exe

Digital Signature

Signed by:

Robin Hood Software Ltd

Authority:

The USERTRUST Network

Valid from:

4/19/2009 8:00:00 PM

Valid to:

4/19/2012 7:59:59 PM

Subject:

CN=Robin Hood Software Ltd, O=Robin Hood Software Ltd, STREET="2nd Floor, 145-157 St John Str", L=London, S=London, PostalCode=EC1v 4PY, C=GB

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00915443F2FED47D777E78D3E457B9893F

File PE Metadata

Compilation timestamp:

4/8/1999 4:24:47 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:mqyJJ/tcH8LW1WE5q604SjPdqWfTzxqgErHXPMd9gh0W:WSH8iF5qZ1Nf5HErHfNOW

Entry address:

0x1000

Entry point:

55, 8B, EC, 81, EC, 78, 05, 00, 00, 53, 56, BE, 04, 01, 00, 00, 57, 8D, 85, 94, FD, FF, FF, 56, 33, DB, 50, 53, FF, 15, 34, 20, 40, 00, 8D, 85, 94, FD, FF, FF, 56, 50, 8D, 85, 94, FD, FF, FF, 50, FF, 15, 30, 20, 40, 00, 8B, 3D, 2C, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 8D, 85, 94, FD, FF, FF, 68, 00, 00, 00, 80, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 7B, 01, 00, 00, 8D, 85, 90, FC, FF, FF, 50, 56, FF, 15, 28, 20, 40, 00, 8D, 85, 98, FE, FF, FF, 50, 53, 8D, 85, 90, FC, FF, FF, 68, 10, 30, 40, 00, 50... 
[+]

Entropy:

7.9994

Packer / compiler:

Wise Installer Stub

Code size:

512 Bytes (512 bytes)

The file insteelm2.exe has been discovered within the following program.

Evidence Eliminator by Robin Hood Software Ltd.

The program deletes hidden information from the user's hard drive that normal procedures may fail to delete.

www.evidence-eliminator.com/support.d2w

50% remove it

Scan insteelm2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.