home

1cdef94e566b7fa.exe

VKSaver Pack

Audiovkontake.ru

This is a setup program which is used to install the application. The file has been seen being downloaded from freeforwin.ru.
Publisher:
Audiovkontake.ru

Product:
VKSaver Pack

Version:
3.1.0.1

MD5:
b177b9643c3870512e3f056f3e4001dc

SHA-1:
0ed26d4e113329a669814f9121af3fb468179882

SHA-256:
6c2df9a4c62c8b652c545aa71a2900704807ff58439d180e3c4ccdd816877016

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 11:33:41 AM UTC  (today)

Scan engine
Detection
Engine version

Norman
Malware
11.20140306

File size:
404.5 KB (414,208 bytes)

Product version:
3.1.0.1

Copyright:
Copyright (C) 2011 Audiovkontake.ru

Original file name:
VKSaverPack.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\temp\1cdef94e566b7fa.exe

File PE Metadata
Compilation timestamp:
12/29/2012 2:17:26 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:4FjtUKa5DI2kR55QcIiMzXTTyk/ycnyHbJ8J4zha0110KNWSbJ8r:ijBKI2kJQPzXTTyku8+hB110KB8r

Entry address:
0x352C

Entry point:
E8, EE, 21, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 78, BC, 40, 00, 89, 0D, 74, BC, 40, 00, 89, 15, 70, BC, 40, 00, 89, 1D, 6C, BC, 40, 00, 89, 35, 68, BC, 40, 00, 89, 3D, 64, BC, 40, 00, 66, 8C, 15, 90, BC, 40, 00, 66, 8C, 0D, 84, BC, 40, 00, 66, 8C, 1D, 60, BC, 40, 00, 66, 8C, 05, 5C, BC, 40, 00, 66, 8C, 25, 58, BC, 40, 00, 66, 8C, 2D, 54, BC, 40, 00, 9C, 8F, 05, 88, BC, 40, 00, 8B, 45, 00, A3, 7C, BC, 40, 00, 8B, 45, 04, A3, 80, BC, 40, 00, 8D, 45, 08, A3, 8C, BC, 40...
 
[+]

Code size:
27 KB (27,648 bytes)

The file 1cdef94e566b7fa.exe has been seen being distributed by the following URL.

http://freeforwin.ru/wp-content/uploads/.../vksaver-install.exe

Scan 1cdef94e566b7fa.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.