» rei_supportinfotool.exe
Overview
Analysis
File Details

rei_supportinfotool.exe

IMALI - N.I. MEDIA TD

The application rei_supportinfotool.exe by IMALI - N.I. MEDIA TD has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

IMALI - N.I. MEDIA TD (signed and verified)

MD5:

3ba624a33d5d550827a481beee723e14

SHA-1:

01da8639200fe86b2bf2e045fc7642561921d63c

SHA-256:

5a8455e0316e6e5b57137291e3935d73956113d98635a8c46393d7cd7e46853d

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

5/18/2024 6:11:55 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.IMALI.IMALINIM (M)

16.5.19.14

File size:

6.5 MB (6,814,048 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\Program Files\winfix\winfix pro\rei_supportinfotool.exe

Digital Signature

Signed by:

IMALI - N.I. MEDIA TD

Authority:

DigiCert Inc

Valid from:

12/14/2014 4:00:00 AM

Valid to:

12/16/2015 4:00:00 PM

Subject:

CN=IMALI - N.I. MEDIA TD, O=IMALI - N.I. MEDIA TD, L=tel aviv, C=IL

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

017B4EC01F594ADE73E421BB2CDD9FE2

File PE Metadata

Compilation timestamp:

2/12/2015 1:02:47 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

98304:+hv8sDFmgbmzHNpJDPt+T1GsWJVjbvVY/fd:+h0QAg6zHLxTrVi

Entry address:

0x36137C

Entry point:

48, 83, EC, 28, E8, EF, D9, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 58, 08, 48, 89, 68, 10, 48, 89, 70, 18, 57, 48, 83, EC, 40, 48, 8B, F1, 48, 8B, FA, 48, 8D, 48, D8, 49, 8B, D0, E8, 72, ED, FF, FF, 33, ED, 48, 85, F6, 75, 2D, E8, 1E, 52, 00, 00, C7, 00, 16, 00, 00, 00, E8, BB, 93, 00, 00, 40, 38, 6C, 24, 38, 74, 0C, 48, 8B, 44, 24, 30, 83, A0, C8, 00, 00, 00, FD, B8, FF, FF, FF, 7F, E9, 93, 00, 00, 00, 48, 85, FF, 74, CE, 48, 8B, 44, 24, 20, 39, 68, 14, 75, 3A, 48, 2B, F7... 
[+]

Code size:

3.8 MB (3,987,968 bytes)

Remove rei_supportinfotool.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.