афера по-американски.exe

The application афера по-американски.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from sherriggutier.were.me.
Version:
1.0.0.0

MD5:
e4a10fc528869dabacea615a55652ef8

SHA-1:
a5e911d92c6f9052a9c6a21f17ecc537f00e9a8a

SHA-256:
039eabc1e01400d1427aa7e5e958a90d7af502e70efb268fcd1bf11d9946904e

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 1:10:00 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Symmi.iqvbruep | 7.11.133.122 |
| avast! | Win32:Inject-BEW [Trj] | 2014.9-150731 |
| Comodo Security | TrojWare.Win32.Injector.FXK | 17841 |
| Dr.Web | Trojan.InstallMonster.47 | 9.0.1.0212 |
| ESET NOD32 | Win32/InstallMonstr.CB (variant) | 9.9464 |
| IKARUS anti.virus | Trojan.Win32.Inject | t3scan.2.2.29 |
| Kaspersky | Trojan.Win32.Inject | 14.0.0.1654 |
| Malwarebytes | PUP.Optional.InstallMonster | v2015.07.31.04 |
| McAfee | Artemis!E4A10FC52886 | 5600.6688 |
| Norman | InstallMonster.B | 11.20150731 |
| Panda Antivirus | Suspicious file | 15.07.31.04 |
| Sophos | Generic PUA KF | 4.97 |
| Trend Micro House Call | TROJ_GEN.R0CBC0EBM14 | 7.2.212 |
| Trend Micro | TROJ_GEN.R0CBC0EBM14 | 10.465.31 |
| Vba32 AntiVirus | Trojan.Inject | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 26806 |

File size:
5 MB (5,292,692 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\афера по-американски.exe

File PE Metadata
Compilation timestamp:
1/31/2014 8:04:17 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:UQ7mAx/TwulJNZbB7NpQ/Nf8dS+qU31WfeH4VX7yKeJVvYU5QmENUA9GVXJzpVWY:R77wEJh7N+CfsDVX8VvG/WAclADa9

Entry address:
0x7E9C40

Entry point:
60, BE, 00, 70, 76, 00, 8D, BE, 00, A0, C9, FF, C7, 87, 18, 6C, 48, 00, BA, 11, 2F, 34, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 

Entropy:
7.8574

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
4.5 MB (4,730,880 bytes)

The file афера по-американски.exe has been seen being distributed by the following URL.
