» AeroAdmin.exe
Overview
Analysis
File Details
Behaviors (1)
Downloads (3)

AeroAdmin.exe

AeroAdmin

Sole Proprietorship Smolikov Eugene Gennadyevich

File name:

AeroAdmin.exe

Publisher:

AeroAdmin Inc. (signed by Sole Proprietorship Smolikov Eugene Gennadyevich)

Product:

AeroAdmin

Version:

2689

MD5:

938cedd2c63b4e06117e67a1387a4e65

SHA-1:

69a556b0f8c07d879fd06649905f09beb95308ff

SHA-256:

878176317f279bda8787847b088fb3cbdcf8555feb3af87c208d42f13573bbff

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/30/2024 11:04:06 AM UTC (today)

File size:

2.5 MB (2,602,776 bytes)

Product version:

v4.1

Trademarks:

AeroAdmin

Original file name:

AeroAdmin.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\aeroadmin.exe

Digital Signature

Signed by:

Sole Proprietorship Smolikov Eugene Gennadyevich

Authority:

GlobalSign nv-sa

Valid from:

3/11/2016 11:57:40 AM

Valid to:

3/12/2017 11:57:40 AM

Subject:

E=support@aeroadmin.com, CN=Sole Proprietorship Smolikov Eugene Gennadyevich, O=Sole Proprietorship Smolikov Eugene Gennadyevich, L=Moscow, S=Moscow, C=RU

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11215F7435CF93E025B9531C95DDCE01135E

File PE Metadata

Compilation timestamp:

7/14/2016 1:38:14 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

49152:hPHPT01o34ZDNl1j/OWNEJRhbNFo/RzvTBbtjJgUfM1PyT5pZJBy:pso34nl1jbNaKnty

Entry address:

0x174E32

Entry point:

E8, 94, 07, 00, 00, E9, 80, FE, FF, FF, 3B, 0D, 40, 51, 63, 00, F2, 75, 02, F2, C3, F2, E9, F4, 08, 00, 00, FF, 25, 80, 06, 5D, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, F2, C3, 8B, 4D, F0, 33, CD, F2, E8, C9, FF, FF, FF, F2, E9, DA, FF, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 40, 51, 63, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, F2, C3, 50, 64, FF, 35, 00... 
[+]

Entropy:

6.6227

Code size:

1.8 MB (1,895,424 bytes)

Windows Firewall Allowed Program

Name:

aeroadmin

The file AeroAdmin.exe has been seen being distributed by the following 3 URLs.

http://www.agssistemas.com.ar/.../AeroAdmin.exe

http://www.aeroadmin.com/cdn-cgi/.../chk_captcha?id=2d867fefcb0e3738&g-recaptcha-response=03AHJ_Vuv5ToXsn2tw6cg4_qoqQtdJU8K53bvWZ_j9uVCMVwVEdi5nOYOwn34HzeilQ3QnSloQai9H_pVaMSThu8ROzR2xNlSKlRSbmZzghbB5yyBueOe5K-xQ1EQ5OHK_htPpkHp8Zpl9ipyvVkyjIaGC0IV5ezmIhLfZqisElDLvzt64KmTh5sneWodQ40ckZsWPTn47SYctTdz25UVqa1dxbTQUYjgSgkOnhAcTb9RBrpyMm3AWCOyV2UyPKTAk-YljTeFssnJ9t4htEbCRiYc7C9Y2iHaHb07bjlN6AVCmXBoHbgP0cXKqQQM9idpBzWSn3nKS4OkyBPLx9IZldo3jR0HZ1n1wU6zBjmr9gd3hKU7WtnmYui5FetixggZcE6AicWlXiC--saNONS4V3rQst-ufkPOSRdC1EzECTntIYY4votMSiLDmJGcnF8223q_XUiG01n3zZGPVH9j0uuk7HGRfvYEIXhYGGZA8r-X-ZArz-6QGMMwobr1Mbx-VHpzrm0M3CTPctKw6BDLApOcXtcL0zIcgApZoawxK0NZwxB7i9QaN3uDkiVyfIzw4hJYXhXp_tRNBi6wtg-yIPw5XKNyOYDK4IbIQXQIdvYJ64Ls5QpLFS0XCEHyISHBnJUeR74qNIs1l8uwMsPCY-w1wDlB4ZomaygnkSwHYNBYiJmJTaSYbRI3Rhr3bf1ww-VJ8URRUig7JKaXjsMJe7TRoivcL0xx22iKrOG20yU1l65MsRiVt7geTkdqVrkZWnsnHyqfcTTt8n1x0D2i-hnZJSXJnI_HQ6Dft1U-lxJgkWRLc5Vjntm66-tkkcrFs1lwHzsyGfYPjErwW_S5SeiLF1ANn4OCjpmLjTP8XypX-di-ZxlsuriyU9aWyrty8r19zuOht68WR7E

http://www.aeroadmin.com/AeroAdmin.exe

Scan AeroAdmin.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.