микробиология_итог№1.exe

Adit Testdesk

Adit Software

This is a setup program which is used to install the application. The file has been seen being downloaded from downloader-default3j.disk.yandex.ru.
Publisher:
Adit Software

Product:
Adit Testdesk

Description:
Adit Testdesk Embedded Tester

Version:
2.60.2678

MD5:
5ea2e29b65d7cdcc37c2989ed6b0aa70

SHA-1:
35718dd4fde0e2439ee86b0ce0a88f309e17dbb0

SHA-256:
d86cff3853d2a277bf87f9b7a657b56a9e2986a6351cadc9955d7545250baab2

Scanner detections:
9 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
11/24/2024 11:25:09 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Riskware.Hoax | 7.1.1 |
| AVG | Generic9_c | 2016.0.3161 |
| Kaspersky | Hoax.Win32.ArchSMS | 14.0.0.2302 |
| McAfee | GenericR-CWB!5EA2E29B65D7 | 5600.6817 |
| Panda Antivirus | Trj/CI.A | 15.03.23.02 |
| Trend Micro House Call | Possible_Virus | 7.2.82 |
| Trend Micro | Possible_Virus | 10.465.23 |
| VIPRE Antivirus | Hoax.Win32.ArchSMS.Generic (not malicious) | 37466 |
| Zillya! Antivirus | Tool.ArchSMS.Win32.24934 | 2.0.0.2062 |

File size:
7.5 MB (7,871,144 bytes)

Product version:
2.60.2678

Copyright:
Copyright ©2005-09 Adit Software

Original file name:
Testviewer.c32

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/27/2013 11:20:43 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:1YSANL1VXtjyc1IEM5uq91bUywARbbnmk4PReNKFzv7:KHBtj8EQuq95nwARbbnmk4PReNC/

Entry address:
0x1552000

Entry point:
EB, 05, F1, 26, 8E, 8D, B5, 50, EB, 05, 8E, 9E, A4, B9, AC, E8, 1C, 00, 00, 00, EB, 05, F7, B6, 8C, 5C, 7A, EB, 04, 9A, 88, 58, 56, 33, C0, 79, 05, 82, 1B, 32, 38, F0, 71, 64, EB, 02, 32, 6F, EB, 05, FE, 05, C2, CA, AA, B8, 27, 48, E8, F6, EB, 01, 3A, EB, 03, 1A, AF, BA, 05, D9, B7, 17, 09, EB, 05, 26, 0F, 1B, 34, 02, 75, 3E, EB, 01, 14, 64, FF, 30, EB, 01, C4, 64, 89, 20, EB, 05, DA, A0, 8E, 04, 62, EB, 05, 65, C7, 20, AC, 58, 8B, 10, EB, 01, B2, 64, 8F, 00, EB, 04, A2, D9, C2, 47, 83, C4, 04, EB, 05, 0F...
 

Code size:
11.8 MB (12,399,616 bytes)

The file микробиология_итог№1.exe has been seen being distributed by the following URL.

Scan микробиология_итог№1.exe - Powered by Reason Core Security