{0419bfcb-db7e-45ac-ad92-2d58694d9df4}

InstallShield

Macrovision Corporation

The file {0419bfcb-db7e-45ac-ad92-2d58694d9df4}, “InstallShield (R) Setup Engine” has been detected as malware by 8 anti-virus scanners.
Publisher:
Macrovision Corporation

Product:
InstallShield

Description:
InstallShield (R) Setup Engine

Version:
14.0.162

MD5:
a08f361b32078ec59deb22abd5f83a6d

SHA-1:
f80566d59338ecb1d6c8250b504c63ca719effbd

SHA-256:
fc653c409fdcf453bcd3f1c354f3f42c6d41ae55e4c2b7b4bdf399eccf2555fc

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
12/27/2024 10:59:33 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Heur
2016.0.3183

Baidu Antivirus
Trojan.Win32.PEMalform
4.0.3.1532

Comodo Security
TrojWare.Win32.Kryptik.~NT
20615

ESET NOD32
Win32/RiskWare.PEMalform
9.10971

Fortinet FortiGate
W32/Onlinegames.ASE!tr
3/2/2015

McAfee
Artemis!A08F361B3207
5600.6839

Rising Antivirus
PE:Trojan.Win32.Generic.179A99E0!396007904
23.00.65.15228

VIPRE Antivirus
Trojan.Win32.Generic
36418

File size:
1.6 MB (1,646,592 bytes)

Product version:
14.0

Copyright:
Copyright (C) 2007 Macrovision Corporation

Original file name:
iKernel.dll

Language:
English (United States)

File PE Metadata
Compilation timestamp:
4/18/2007 8:06:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:4yF3SrUVaX7zyCyHHjDLLhSuZhqVSNlw8XkMgrNGr:4yF3Sr0aiC4vhSOhGSvbxgrAr

Entry address:
0x1906B0

Entry point:
53, 57, 56, 55, E8, 00, 00, 00, 00, 5D, 81, ED, 4C, 13, 38, 00, 8D, B5, 43, 13, 38, 00, 8B, 46, FC, 83, C0, 04, 2B, F0, FC, 8B, DE, 8B, 56, 08, 8B, 76, 1C, 03, F2, 8D, BD, 2F, 1F, 38, 00, AD, AB, AD, AB, AD, AB, AD, AB, 90, 83, 7B, 48, 01, 74, 15, 8B, 73, 44, 85, F6, 74, 0E, B9, 23, 00, 00, 00, 03, F2, 8B, 7B, 40, 03, FA, F3, A4, 8B, F3, 8D, BD, 1B, 1F, 38, 00, 01, 2F, 01, 6F, 04, 01, 6F, 08, 8D, 8D, FF, 1E, 38, 00, 51, E8, 46, 01, 00, 00, 90, 90, 90, 90, 90, 90, 90, 90, 8B, 4E, 2C, 89, 8D, 2B, 1F, 38, 00...
 
[+]

Code size:
932 KB (954,368 bytes)

Remove {0419bfcb-db7e-45ac-ad92-2d58694d9df4} - Powered by Reason Core Security