не подтвержден 687828.crdownload

OOO Kul Stil

The file не подтвержден 687828.crdownload by OOO Kul Stil has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
OOO Kul Stil  (signed and verified)

MD5:
1cf653c0d5734b8ac639a01dbbf8d6d0

SHA-1:
562754c05c3efcedb6cda42c5b5e83cab228d28c

SHA-256:
27130eb5bfb32e554975dfd30e46c9ee42d1c4d1af61039d66f4eb21eb5db000

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 9:39:49 AM UTC  (today)

Scan engine | Detection | Engine version
Reason Heuristics | PUP.LoadMoney (M) | 17.3.4.22

File size:
493.5 KB (505,368 bytes)

Common path:
C:\users\{user}\downloads\не подтвержден 687828.crdownload

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/19/2016 6:00:00 AM

Valid to:
7/20/2017 5:59:59 AM

Subject:
CN=OOO Kul Stil, O=OOO Kul Stil, STREET="p-t Makeeva, 42, 129", L=Miass, S=Chelabinskaya, PostalCode=456320, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0096A297EB9ACB5447A1780AED36B84995

File PE Metadata
Compilation timestamp:
5/19/2016 10:34:39 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x1120

Entry point:
55, 8B, EC, 81, EC, A8, 07, 00, 00, 53, 56, 57, C6, 85, 01, FF, FF, FF, 3E, 68, 3B, 11, 40, 00, C3, 33, F2, 8D, 12, EB, 06, 81, EF, D9, 8B, DF, 12, 87, C9, C7, 85, E8, FD, FF, FF, 03, 00, 00, 00, 8B, 85, E8, FD, FF, FF, 83, C0, 0C, 89, 85, E8, FD, FF, FF, 81, BD, E8, FD, FF, FF, 5C, 11, 00, 00, 76, 02, EB, 14, 68, 7C, 40, 47, 00, FF, 15, 54, 11, 47, 00, B9, 01, 00, 00, 00, 85, C9, 75, CF, 6A, 00, FF, 15, A0, 15, 47, 00, 6A, 00, FF, 15, 50, 11, 47, 00, 8B, 95, 88, FD, FF, FF, C1, E2, 47, 89, 95, C0, FD, FF...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
444.5 KB (455,168 bytes)