» adwcleaner_3.211.exe
Overview
Analysis
File Details
Downloads (376)
Network (3)

adwcleaner_3.211.exe

The executable adwcleaner_3.211.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from toolslib.net and multiple other hosts. While running, it connects to the Internet address filer-whg.archive-host.com on port 80 using the HTTP protocol.

File name:

Version:

3.2.1.1

MD5:

9ec73884d7d7bfec9eed7eaf3122a0be

SHA-1:

5021acf55bd6df31511cd225bea7c97920953c9a

SHA-256:

f18b91a082736ddc59e114b874019339e267ec4aacdba146a1871be482fd2ecb

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/16/2024 6:58:19 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

(M)

16.6.23.0

File size:

1.3 MB (1,327,971 bytes)

Product version:

3.3.8.1

File type:

Executable application (Win32 EXE)

Language:

French (France)

Common path:

C:\users\{user}\downloads\adwcleaner_3.211.exe

File PE Metadata

Compilation timestamp:

1/29/2012 4:32:28 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:/thEVaPqLG2dwPDz8e9gNUwM7ixxRBXkxWa3Bvws7GkyI/oZVc:DEVUcGrfqNUwgKFCfqNc

Entry address:

0xC4E80

Entry point:

60, BE, 00, 30, 48, 00, 8D, BE, 00, E0, F7, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B... 
[+]

Entropy:

7.9867

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:

268 KB (274,432 bytes)

The file adwcleaner_3.211.exe has been seen being distributed by the following 50 URLs.