home

activator.exe

The application activator.exe has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a setup program which is used to install the application.
Version:
3.0.0.0

MD5:
5a62285bd583fab12e56be338520f9f6

SHA-1:
cbca1a7de95e304be3063da6b379898b636a64da

SHA-256:
796934514b54332c9fde470d525e96026afb2de08dfbd86b1524e8d53ced1c4b

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
11/8/2024 6:22:07 PM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
Riskware.Tool.CK
v2013.12.24.11

Reason Heuristics
Riskware.Tool
16.8.5.16

ViRobot
Trojan.Win32.A.ShipUp.4370432
2011.4.7.4223

File size:
4.2 MB (4,370,432 bytes)

Product version:
3.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\temp\activator.exe

File PE Metadata
Compilation timestamp:
8/25/2009 9:14:47 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:/xKSyFvg6PxpigGjxtzT2c0R5fsLD1YeoLDyYeodUqeurn8UiRl:+OgGjDV0R5fIXaINqIUib

Entry address:
0x139548

Entry point:
55, 8B, EC, 83, C4, F0, B8, 44, 26, 53, 00, E8, 5C, 1A, ED, FF, A1, 58, 0F, 54, 00, 8B, 00, E8, F0, 71, F9, FF, A1, 58, 0F, 54, 00, 8B, 00, BA, 10, 96, 53, 00, E8, FB, 6B, F9, FF, 33, C9, B2, 01, A1, 80, 3E, 51, 00, E8, F1, C7, F8, FF, 8B, 15, C4, 11, 54, 00, 89, 02, 33, C9, B2, 01, A1, 98, 51, 51, 00, E8, DB, C7, F8, FF, 8B, 15, D8, 0A, 54, 00, 89, 02, 33, C9, B2, 01, A1, 5C, 39, 51, 00, E8, C5, C7, F8, FF, 8B, 15, F4, 0C, 54, 00, 89, 02, 33, C9, B2, 01, A1, 5C, 36, 51, 00, E8, AF, C7, F8, FF, 8B, 15, 70...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.2 MB (1,279,488 bytes)

The file activator.exe has been seen being distributed by the following 35 URLs.

ftp://80.241.243.66/Install/!!OS/Windows.7/.../Windows 7 Activador.exe

https://mega.nz/temporary/.../Z98ilSDT

https://doc-0s-1k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5vuujb2vimg6sh97018vab00r574t8pt/1483034400000/04972025977778434831/.../0B8Ecx-WZKm66Y3hHakxjd25iczg?e=download

https://doc-00-4o-docs.googleusercontent.com/docs/securesc/vskp86q0v3trf04kni1t0ij5s9aujple/ffguvp3ct5l04oagu36klvdodk08192m/1477288800000/.../10499419816830388639/0Bw3Hhi7_x9CAb21ubk9VaVZsYmM?e=download

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-ViYm3PJbac3z5qf9Wh3_zcogfuI1_zd60ygtQinE_pXQQbt-UMgD4-44WAcb4fgG/messages/@.id==AO-etEQAAFN8TBj_KwsZKDWSo7E/content/parts/@.id==2/raw?appid=YahooMailNeo&token=zitEzqOML3j84e6ealFTT5U7-km5qEQF52lp7AcCuBbyoqzSzVl3Tdgm9o10e2TVf4l3mBOfRYuqyj8bBsoSXuhATt6YLWgYEJks5jUHHQMaXYsR4RvwvgV3QYEmzl84&error=https://us-mg5.mail.yahoo.com/.../iframemsg?id=cc38e2d1-f98c-6911-e503-b4b59c69e38f&ymreqid=f386abe9-8cca-0784-01f5-37001a010000

https://dl-web.dropbox.com/.../7 Loader eXtreme Edition v3.010.exe

http://172.20.1.132/.../w7act.EXE

https://docs.google.com/uc?id=0B8V7cplo2RrSLUVmbXQ3aUdEZVk&export=download

https://dl-web.dropbox.com/get/programy uzytkowe/.../Aktywator Win7.exe

http://zalacznik.wp.pl/0/.../Aktywator.exe

https://mail.google.com/mail/u/.../?ui=2&ik=71ba41ad3b&view=att&th=158d3d883c314247&attid=0.1&disp=safe&realattid=f_gfy35ptr0&zw

https://mega.nz/temporary/.../sZ02RLDQ

https://mega.co.nz/temporary/.../0INmjSTR

https://nowy.tlen.pl/api/v2/mails/messages/10001-dcaa86d6000c4df8511c0f0a/.../1.2

https://doc-0g-9g-docs.googleusercontent.com/docs/securesc/t5a5dp4kg7r6p04tcdggekpfktcdibg8/0pv9iqjvt03465knrq9j39pacl2grs9q/1458540000000/.../04948001743321074377/0B6WjgdnUNAxiSm9sTTIxRnZDdzA?e=download

https://mega.nz/temporary/.../oFAVRACS

https://docs.google.com/uc?id=0B8Ecx-WZKm66Y3hHakxjd25iczg&export=download

https://mega.nz/persistent/.../q9EFiRZI

http://www.speedyshare.com/467sm/dc84b666/.../Aktywator.exe

http://dla.uloz.to/Ps;Hs;fid=8642587;cid=56054101;rid=988203427;up=0;uip=80.50.231.198;tm=1387139814;ut=f;aff=zachowajto.pl;did=ulozto-pl;He;ch=2ea2e536ab01ab9e3ad234ba8eed47bc;Pe/.../windows-7-all-versions-activator-reddragon.exe

ftp://192.168.0.21/Pendrv/respaldo pendrive/Loader_2.1/.../Windows 7 Loader eXtreme Edition 3.010.exe

http://download1246.mediafire.com/6ab5c8b1hd8g/.../7 Loader eXtreme Edition v3.010.exe

https://docs.google.com/uc?authuser=0&id=0B_Jp1nQcYM15YjYwYzBlNzktY2RlYS00NGIxLWI5MTYtYjk1ZjIxM2NlNjM2&export=download

http://www.juntosblog.info/wp-content/.../windows 7 loader extreme edition v3.010 (26-08-2009).exe

https://docs.google.com/uc?authuser=0&id=0B8Ecx-WZKm66Y3hHakxjd25iczg&export=download

https://docs.google.com/uc?authuser=0&id=0B3WLvCR0CJP9SkRGMFM4OVFpTEk&export=download

http://zalacznik.wp.pl/0/.../Aktywator_Win7.exe

https://dl-web.dropbox.com/.../Windows 7 Loader eXtreme Edition 3.010.exe

blob:76D336D8-3254-4543-A291-B72E3F78D529

http://evetke.ath.cx/soft/.../Windows 7 Activador.exe

Latest 30 of 35 download URLs

Remove activator.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.