» iStartMenu.exe
Overview
Analysis
File Details

iStartMenu.exe

iStartMenu

Suzhen Zhou

File name:

iStartMenu.exe

Publisher:

CandySoft.com, Inc. (signed by Suzhen Zhou)

Product:

iStartMenu

Version:

1.1.0.0

MD5:

9480871bbf3357f3de1387ee40c107f9

SHA-1:

e0b978f2a08ac92d8505cdc96ae778ebb4019a23

SHA-256:

077a69f0c9883f0569ff812b682e87fc74847ae15fbfeefc15fffb933c9bc3ff

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 11:45:29 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Qihoo 360 Security

Trojan.Generic

1.0.0.1015

File size:

201.9 KB (206,752 bytes)

Product version:

1.1.0.0

CandySoft.com, Inc.

Trademarks:

iStartMenu

Original file name:

iStartMenu.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\istartmenu\istartmenu.exe

Digital Signature

Signed by:

Suzhen Zhou

Authority:

VeriSign, Inc.

Valid from:

10/17/2012 8:00:00 PM

Valid to:

10/18/2015 7:59:59 PM

Subject:

CN=Suzhen Zhou, OU=Individual Developer, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=No Organization Affiliation, L=Wuhan, S=Hubei, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

13A691B148E6D8D0891F888E6605E0DD

File PE Metadata

Compilation timestamp:

12/18/2013 9:13:39 AM

OS version:

6.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:oNB9BNUMY4pTwtbT0HTtbIkFYd4Ec+9hdB0G9dGdHDmKf:kbBNc4pT4+5bhFbEciV9wff

Entry address:

0x4AF0

Entry point:

48, 83, EC, 28, E8, 4B, 43, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 48, 83, EC, 18, 66, 0F, 6F, 14, 24, 0F, B7, C2, 4C, 8B, C1, 66, 0F, 6E, C0, 45, 33, C9, F2, 0F, 70, C8, 00, 66, 0F, 70, D9, 00, 49, 8B, C0, 25, FF, 0F, 00, 00, 48, 3D, F0, 0F, 00, 00, 77, 2B, F3, 41, 0F, 6F, 08, 66, 0F, 6F, C2, 66, 0F, EF, C2, 66, 0F, 6F, D0, 66, 0F, 75, D1, 66, 0F, 75, CB, 66, 0F, EB, D1, 66, 0F, D7, C2, 85, C0, 75, 18, 49, 83, C0, 10, EB, C5, 66, 41, 39, 10, 74, 23, 66, 45, 39, 08, 74, 19, 49, 83, C0, 02, EB... 
[+]

Entropy:

5.7638

Code size:

69 KB (70,656 bytes)

Scan iStartMenu.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.