Alcohol.exe

Alcohol 120%

Alcohol Soft Development Team

The application Alcohol.exe has been detected as a potentially unwanted program by 8 anti-malware scanners. While running, it connects to the Internet address vodka2.alcohol-soft.com on port 80 using the HTTP protocol.
Publisher:
Alcohol Soft Development Team

Product:
Alcohol 120%

Version:
2.0.0.1331

MD5:
b47e46e819e6f6790b7a7fae305e1b29

SHA-1:
bb2331c3536a54a9aa47a5f504ee89dc5354f47a

SHA-256:
2a08db875f86df33aec18d9773477b8af876f519b162849eb46e97b5e84db445

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 9:54:15 AM UTC

Scan engine               Detection                    Engine version
F-Prot                    W32/MalwareF.FNDR            v6.4.7.1.166
IKARUS anti.virus         not-a-virus.Crack.Alcohol    t3scan.2.2.29
K7 AntiVirus              Riskware                     13.174.10410
McAfee                    Artemis!B47E46E819E6         5600.7274
Norman                    Suspicious_Gen4.DSQVB        11.20131222
Reason Heuristics         Unnamed.Threat.18            14.3.2.12
Trend Micro House Call    CRCK_WARE                    7.2.356
Trend Micro               CRCK_WARE                    10.465.22

File size:
3.2 MB (3,347,968 bytes)

Product version:
2.0

Copyright:
Copyright(C) 2002-2010 Alcohol Soft Development Team

Trademarks:
Alcohol Soft Development Team

Original file name:
Alcohol.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\alcohol soft\alcohol 120\alcohol.exe

File PE Metadata
Compilation timestamp:
2/1/2010 1:52:56 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:+8vOu7EZuA+1kfbJglMExhVSmREWRGYP3jWVZ7ioVXYB5O4Nj:AJWkTJgGExhVJRfRGYP3ji9io1CXh

Entry address:
0x1000

Entry point:
68, 01, 20, A6, 00, E8, 01, 00, 00, 00, C3, C3, FE, CC, 08, AF, 47, 4F, B6, 01, AD, 92, 9A, 8B, 49, 4A, 24, B9, C4, C2, AE, E3, 94, BE, 0A, 00, F5, 19, 7B, 4E, EB, 9A, D3, 3B, 08, B0, E4, D1, 66, 72, DC, B1, C5, 2A, B7, DB, 5C, 47, 67, 90, 3B, DD, A1, 4A, E4, 00, F1, 65, 8E, 2A, 6B, 0A, 22, 54, 09, 55, D0, 95, 64, E6, 9C, A9, C8, 6C, 84, 55, 7B, 10, E4, 2E, 47, 97, 43, 27, DE, 47, 9B, 7F, 6E, 68, 76, 9F, D0, 79, EB, B6, 3C, 21, 4A, B2, FE, A6, B4, 21, 29, F9, A1, 77, BB, B7, 11, 1C, 48, 16, 2B, 16, B0, 38...
 

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
6.4 MB (6,688,256 bytes)

2 Autoplay Handlers
Display name:
AlcoholAutoPlayV2.BurnDisc

Display name:
AlcoholAutoPlayV2.ReadDisc


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to vodka2.alcohol-soft.com  (95.211.206.2:80)
