» picatabbar.EXE
Overview
Analysis
File Details

picatabbar.EXE

picatabbar 응용 프로그램

3oneplus Co.,Ltd.

The application picatabbar.EXE, “picatabbar MFC 응용 프로그램” by 3oneplus Co.,Ltd has been detected as a potentially unwanted program by 12 anti-malware scanners.

File name:

picatabbar.EXE

Publisher:

(주)쓰리원플러스 (signed by 3oneplus Co.,Ltd.)

Product:

picatabbar 응용 프로그램

Description:

picatabbar MFC 응용 프로그램

Version:

1, 0, 0, 5

MD5:

6a281c8e2c3c1cf0b50916577c51fac5

SHA-1:

bb9fedd387ed48dd3300b6823c047ba910875325

SHA-256:

cb283bdc5f30a849706bc2bb96edf79928d25d562ecd2b69f794db8e4df7cb7b

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 12:03:00 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Strictor.7909

427

Agnitum Outpost

Trojan.Strictor

7.1.1

Avira AntiVirus

TR/Strictor.7909.37

8.3.2.2

Arcabit

Trojan.Strictor.D1EE5

1.0.0.567

Bitdefender

Gen:Variant.Strictor.7909

1.0.20.1690

Comodo Security

ApplicUnwnt.Win32.Adware.Kraddare.EI

23298

Emsisoft Anti-Malware

Gen:Variant.Strictor.7909

8.15.12.04.11

Fortinet FortiGate

W32/BHO.CGXW!tr

12/4/2015

F-Secure

Gen:Variant.Strictor.7909

11.2015-04-12_6

G Data

Gen:Variant.Strictor.7909

15.12.25

McAfee

Artemis!6A281C8E2C3C

5600.6561

MicroWorld eScan

Gen:Variant.Strictor.7909

16.0.0.1014

File size:

118.8 KB (121,632 bytes)

Product version:

1, 0, 0, 5

Original file name:

picatabbar.EXE

File type:

Executable application (Win32 EXE)

Language:

Korean (Korea)

Common path:

C:\Program Files\mediaweb\picatabbar\picatabbar.exe

Digital Signature

Signed by:

3oneplus Co.,Ltd.

Authority:

Thawte, Inc.

Valid from:

9/17/2015 5:00:00 PM

Valid to:

11/16/2016 3:59:59 PM

Subject:

CN="3oneplus Co.,Ltd.", OU=internet Dept, O="3oneplus Co.,Ltd.", L=Gangnam, S=SEOUL, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

03402058DD8394E24BC3C3BAF0B212C5

File PE Metadata

Compilation timestamp:

12/5/2013 5:43:22 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3072:fFLTvGMupJkGyNDH2/guHT5HJ9lvBaunjer6x:BTvGTuy/xPlQr

Entry address:

0x130BF

Entry point:

55, 8B, EC, 6A, FF, 68, 60, 68, 41, 00, 68, 2A, 32, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 60, 63, 41, 00, 59, 83, 0D, B8, AF, 41, 00, FF, 83, 0D, BC, AF, 41, 00, FF, FF, 15, 5C, 63, 41, 00, 8B, 0D, 98, AF, 41, 00, 89, 08, FF, 15, 58, 63, 41, 00, 8B, 0D, 94, AF, 41, 00, 89, 08, A1, 68, 63, 41, 00, 8B, 00, A3, B4, AF, 41, 00, E8, 29, 01, 00, 00, 39, 1D, B0, AB, 41, 00, 75, 0C, 68, 54, 32, 41, 00, FF, 15, 6C, 63... 
[+]

Entropy:

6.0266

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

84 KB (86,016 bytes)

Remove picatabbar.EXE - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.