GridinSoft Threat Intelligence
view.exe threat report
GridinSoft Anti-Malware detection
Detected by GridinSoft before you download
The current ThreatInfo record shows this exact file hash detected as General Threat. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.
- Detection name
- General Threat
- Recommended action
- Scan and remove
- Last analysis
- 2023-08-11 23:56:38 (2 years ago)
- File hash
- e41886d7df087907ce8cec6c7c9406b6
Why it matters
Why GridinSoft flags this file
GridinSoft identifies the sample as General Threat.
First seen 2023-08-11 23:56:38 (2 years ago); latest analysis 2023-08-11 23:56:38 (2 years ago).
Company metadata: Schneider Electric Software, LLC.. Product metadata: InTouch.
Signed by Schneider Electric Software, LLC. The signature is reported as valid, but signed files can still be bundled or abused.
ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.
Recommended action
What to do next
- Compare the MD5 above with the file found on the device.
- Check whether the file appears in the observed locations or under one of the alternate names.
- Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present.
File context
view.exe is a Windows file recorded in the ThreatInfo database. It is associated with InTouch. The reported company name is Schneider Electric Software, LLC.. The current detection status is General Threat, based on the latest analysis from 2023-08-11 23:56:38 (2 years ago).
If view.exe appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as General Threat.
File Details
| Product Name: | InTouch |
| Company Name: | Schneider Electric Software, LLC. |
| MD5: | e41886d7df087907ce8cec6c7c9406b6 |
| Size: | 1 MB |
| First Published: | 2023-08-11 23:56:38 (2 years ago) |
| Latest Published: | 2023-08-11 23:56:38 (2 years ago) |
| Status: | General Threat (on last analysis) | |
| Analysis Date: | 2023-08-11 23:56:38 (2 years ago) |
Detection screenshot
The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.
Overview
| Signed By: | Schneider Electric Software, LLC |
| Status: | Valid |
The signature on view.exe is reported as valid. A valid signature helps confirm publisher identity, but it does not automatically make the file safe if the installer was bundled, abused, or downloaded from an untrusted source.
Common Places:
| %programfiles%\wonderware |
ThreatInfo has observed view.exe in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.
Geographic signal
Observed country distribution
ThreatInfo has seen view.exe across 1 countries. Use this signal to compare local evidence with where the sample is most often reported.
The strongest geographic signal for this file is Mexico with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.
OS Version:
The most common operating system signal for view.exe is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.
Analysis
view.exe is identified as pe for 32-bit systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.
PE Sections:
Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.
2136ebedf758f0ac15dd28ce1f546c92
9191eed0c064fbeb066ffcd26b752b9e
2d50cefcef9a56f59e6dbf187b8dab82
af84a3804853b0b8dee0c687b3e502e9
b8d68ed11c96e1b25bab9f9da5a1c809
2c15a36ccddab2bc20c808f92cabbb90
0ff1027148d6e238a1b2f3df3831b737
974006eda389cbfea903d90765015d42
debf16853b54f38f55470a0283994196
3676869d1def717ab88476c77197a924
fb0883f0c40d893ce8d2bb7da52ab74e
3691503122003643f5052b58e6e1ee0b
c6ad2d4a3dda99e40cc43ae0d86af8c7
dbeaa24b29068f559df55e3f7f89b6ba
49545cb791d77235c25a044ab6241270
d3ec7431b0a3b0a3a4fb8d964f79046a
538cc1b16da6c8399bac203132b1e820
2e173fbe2a7071c016158deb721fffb3
b00e4b0f39c18d7155af1b6099b706f1
c78bb0850e95c0e0a764bbca5051e5a1
fb972f0e5121f166b80afcae2ffa4069
078f7fcbf087d23dcf9b5914bd074ae3
0dd53d3628788f3d93b5eaabbe0def29
8091a660e17b0433bc7f94b206cb0366
1b640a4fd789f6eb311fcf3f6f003e47
cdf4a8e6cba8e92fd57f682fe9f10e49
c2e718effe8fd4c4f406f60e6c22ddd2
4a70ee83c6c4aba87deba3bbf1ff0c8c
d80132c705061ee8d985b029ac0a6e58
2bbf13d4d9a0862cdaa0cfd4438d510e
825cc74d7f241374c6aae832c97f3222
98c05e9862bcd895b411bfff68e4e1f5
de09547330c90a280f3cb9515ed00617
fed5309a042d897bdac5e60692786b91
cbd19cd5dbca4ec56fff9e23d7f90ef8
c3abb4cb037871d7dac240436661dabc
c17571e369c666a2020710fc2cb80c8e
250abb2f71caf1b55c559f82ca7acf25
bf8153139d05e1e3cc5d4092276ea993
0e1f1f523323d50f48b2968f6ae5663d
bcc7f03638628e0fab8c5679054e8937
3d81dd266759ba0f0a11b41223eb7f83
2430c51a5002c86cbb75aa3b3b9a8441
1c759a54bc062da2c01d38dbeee4d842
b09ae54f867529691f1a63f93f4743b3
9cc7aaa9a8233612d05549bd6c41c13e
7e017a144e988f1cd12da359ebb09832
0569b1892648b50f1d7c969ff730977b
bc8cc0018873ebdcccc72f373a98dbf8
12069c723718350a3f05fa9a3b3bc0d2
PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.
Report conclusion
GridinSoft detects this file as General Threat
This report identifies view.exe by MD5 e41886d7df087907ce8cec6c7c9406b6. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.