home

iscan_launcher__e89bbb05-c910-4e07-90e3-f9473d2c616c.exe

iScan Online, Inc.

Publisher:
iScan Online, Inc.  (signed and verified)

MD5:
69977c33cf7a8c398a152e4da7c875a9

SHA-1:
9031f6275259d863a0a0d109ddbfa7cd358f359e

SHA-256:
ab3fd0473a0b3c5bc8a27dbc904e2897ff12e2a0d4123558795a50a287a998db

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 5:48:09 PM UTC  (today)

File size:
7.3 MB (7,677,528 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\iscan_launcher__e89bbb05-c910-4e07-90e3-f9473d2c616c.exe

Digital Signature
Signed by:
iScan Online, Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
2/3/2014 4:28:12 PM

Valid to:
2/3/2016 4:28:12 PM

Subject:
CN="iScan Online, Inc.", O="iScan Online, Inc.", L=Plano, S=Texas, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
045479EE6B81A1

File PE Metadata
Compilation timestamp:
11/20/2015 5:28:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:RW1C/kN6siqjl35kYSC6D6OyDjPM7uChr1+UxRBAtZkzmtI://GR35rSBDPyDQB1+U/BArkzb

Entry address:
0x387AC9

Entry point:
E8, 36, 85, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 78, 09, E8, D8, 03, 00, 00, 3B, 30, 7C, 07, E8, CF, 03, 00, 00, 8B, 30, E8, CE, 03, 00, 00, 8B, 04, B0, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 53, 56, E8, 92, 57, 01, 00, 8B, F0, 33, DB, 3B, F3, 75, 07, B8, 98, 2D, A2, 00, EB, 22, 57, BF, 86, 00, 00, 00, 39, 5E, 24, 75, 1B, 6A, 01, 57, E8, 24, 65, 00, 00, 59, 59, 89, 46, 24, 3B, C3, 75, 0A, B8, 98, 2D, A2, 00, 5F, 5E, 5B, 5D, C3, FF, 75, 08, 8B, 76, 24, E8, 8C, FF, FF, FF, 50, 57...
 
[+]

Entropy:
5.9916

Code size:
5.4 MB (5,620,736 bytes)

The file iscan_launcher__e89bbb05-c910-4e07-90e3-f9473d2c616c.exe has been seen being distributed by the following URL.

https://app.ri.logicnow.com//download/.../ff2043b6-5011-45b3-87a0-a09b76ba337f

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.