home

sisenselatest.exe

SiSense Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from download.sisense.com.
Publisher:
Sisense  (signed by SiSense Ltd.)

Product:
Sisense

Version:
6.2.0.352

MD5:
49718382a0aab7e73b5b3986706390d3

SHA-1:
d583c5099843636ad6fec7a6a02d8ee9a9ccbc03

SHA-256:
4bab42ee62c8b01a4d144c61b99d0c2a06de3bc1d72242a96e807431811bed56

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 2:54:31 PM UTC  (today)

File size:
1.4 MB (1,519,216 bytes)

Product version:
6.2.0.352

Copyright:
Copyright (c) Sisense. All rights reserved.

Original file name:
SiSense.6.2.0.352.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\sisenselatest.exe

Digital Signature
Signed by:
SiSense Ltd.

Authority:
COMODO CA Limited

Valid from:
2/4/2016 5:30:00 AM

Valid to:
7/22/2016 5:29:59 AM

Subject:
CN=SiSense Ltd., O=SiSense Ltd., STREET=Giborey Israel 20, L=Netanya, S=Israel, PostalCode=00000, C=IL

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0A11837012569A849CEE099EBCC7449C

File PE Metadata
Compilation timestamp:
1/17/2016 2:48:53 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
24576:Yda7VjCLYRFsrOfAihovNqv7F6CZZaeVnVCrsidi3koAkfgeFzpHC:JILSNIfVqTBwqlidi3xHnXi

Entry address:
0x2C86E

Entry point:
E8, A3, 04, 00, 00, E9, 80, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, 55, 8B, EC, EB, 1F, FF, 75, 08, E8, 6B, 6C, 00, 00, 59, 85, C0, 75, 12, 83, 7D, 08, FF, 75, 07, E8, B3, 08, 00, 00, EB, 05, E8, 8F, 08, 00, 00, FF, 75, 08, E8, E2, 6C, 00, 00, 59, 85, C0, 74, D4, 5D, C3, 55, 8B, EC, FF, 75, 08, E8...
 
[+]

Entropy:
7.7677  (probably packed)

Code size:
293 KB (300,032 bytes)

Startup File (All Users Run Once)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Name:
{e7bf3b24-c66c-4bdd-a5de-5f7d6e754e86}

Command:
"C:\ProgramData\package cache\{e7bf3b24-c66c-4bdd-a5de-5f7d6e754e86}\sisense.6.2.0.352.exe" \burn.runonce


The file sisenselatest.exe has been seen being distributed by the following URL.

http://download.sisense.com/.../SiSenseLatest.exe

Scan sisenselatest.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.