adguardinstaller.exe

Insoft LLC

Publisher:
Insoft LLC  (signed and verified)

MD5:
2b23a25a3a788ba9fda44bf734d50536

SHA-1:
a8a8406a6ca4b84141a43726641d82481482e925

SHA-256:
9c6c603f4e8208f5936f4db97b27bf75b25cdf1a29503c65e30f8a70ed4ab983

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 1:48:06 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.Symmi!6.200E
23.00.65.15327

File size:
388 KB (397,360 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\adguardinstaller.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
2/12/2013 6:02:34 PM

Valid to:
2/13/2016 3:58:40 PM

Subject:
E=support.en@adguard.com, CN=Insoft LLC, O=Insoft LLC, L=Moscow, S=Moscow, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217943575E821301807A43EAC9AE8FE273

File PE Metadata
Compilation timestamp:
3/18/2014 7:39:35 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:NAZV3/1pa8C6RcZBtp8aL5vBGSKG00SV3OwR13sjpynUA:NWF/1pJcZBt6aVvASKG00SV7ajZA

Entry address:
0x3AD0

Entry point:
55, 8B, EC, 81, EC, F0, 03, 00, 00, 56, 6A, 00, FF, 15, 2C, 50, 40, 00, A3, 10, 60, 40, 00, 6A, 00, 6A, 00, 6A, 00, 8D, 4D, EC, E8, 9B, F5, FF, FF, 6A, 00, 8D, 45, EC, 50, 8D, 4D, FC, 51, E8, BA, FE, FF, FF, 8D, 4D, E0, E8, 24, DB, FF, FF, 68, 00, 02, 00, 00, 8D, 4D, D8, E8, E7, D4, FF, FF, 68, 00, 04, 00, 00, 8D, 4D, D8, E8, 1A, D5, FF, FF, 50, 6A, 00, FF, 15, 2C, 50, 40, 00, 50, FF, 15, 30, 50, 40, 00, 68, FF, 03, 00, 00, 68, F0, 51, 40, 00, 8D, 4D, D8, E8, F8, D4, FF, FF, 50, 8D, 4D, E0, E8, 0F, DB, FF...
 
[+]

Entropy:
2.9385

Developed / compiled with:
Microsoft Visual C++

Code size:
14.5 KB (14,848 bytes)

The file adguardinstaller.exe has been seen being distributed by the following URL.

Scan adguardinstaller.exe - Powered by Reason Core Security