home

alcohol52_fe_2.0.2.3931.exe

Alcohol Soft

Publisher:
Alcohol Soft  (signed and verified)

MD5:
d8c3f10de7791d1f3cddb6741c26251d

SHA-1:
e7b253dd152fd17a3acd0b17e5b483c3d81f976e

SHA-256:
ebe46b5f00e48f7a58786c171e8596fffe3f21d4fc3c139f511e6c7155f417d1

Scanner detections:
9 / 68

Status:
Clean  (9 possible false positive detections)

Analysis date:
11/15/2024 12:29:02 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/InstallCore.Gen
7.11.136.204

avast!
Win32:Adware-gen [Adw]
2014.9-140328

Clam AntiVirus
W32.Adware.InstallCore-1
0.98/18355

Dr.Web
Adware.InstallCore
9.0.1.087

ESET NOD32
Win32/InstallCore (variant)
8.9538

Fortinet FortiGate
Riskware/InstallCore
3/28/2014

F-Prot
W32/InstallCore.V2.gen
v6.4.7.1.166

nProtect
Trojan/W32.Agent.1108840.B
14.03.13.01

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.14326

File size:
1.1 MB (1,108,840 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\alcohol52_fe_2.0.2.3931.exe

Digital Signature
Signed by:
Alcohol Soft

Authority:
VeriSign, Inc.

Valid from:
10/4/2011 8:00:00 PM

Valid to:
10/13/2012 7:59:59 PM

Subject:
CN=Alcohol Soft, OU=Alcohol Soft Development Team, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Alcohol Soft, L=Belfast, S=Antrim, C=GB

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6525C72B7600FDD99F1E0DEAA4739606

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:BRLCN7s4snXsvF2SizngjTBmXT41n8xrhk:BRLW7s4snXsvFndjTZ80

Entry address:
0xC1F91

Entry point:
55, 8B, EC, 83, C4, F0, B8, FE, C7, 40, 00, E8, 3F, F9, FF, FF, A6, A3, 55, C3, 2B, 6D, 5F, 24, EC, A4, B1, 53, 90, 96, FC, 7D, 47, A1, C9, 8B, 87, 70, 11, 46, B4, 0A, F5, 39, 75, 0E, 77, 46, 8B, C7, 19, 2F, 73, D9, D7, 8D, 27, BD, F4, F2, AB, 57, 61, 2E, 6E, 4D, D3, F8, 7D, F1, DC, 7A, 22, EA, 7B, 6E, 7A, DB, 06, D9, 00, C9, 70, 97, 2F, FE, 3A, 2F, B1, 92, 90, B9, BD, F8, 75, C7, 92, 27, F2, 93, 44, 31, A2, E1, 3C, 7F, 23, 6E, 1B, F0, 35, BF, EB, 8C, A1, B6, D7, 98, 1A, 49, B2, 34, BC, 27, 2C, D9, F0, 44...
 
[+]

Entropy:
7.0071

Developed / compiled with:
Microsoft Visual C++

Code size:
787 KB (805,888 bytes)

The file alcohol52_fe_2.0.2.3931.exe has been seen being distributed by the following 3 URLs.

http://mirror1.free-downloads.net/.../Alcohol52_FE_2.0.2.3931.exe

http://sd-cf.softonic.com/28000/28592/.../Alcohol52_FE_2.0.2.3931.exe

http://mirror3.free-downloads.net/.../Alcohol52_FE_2.0.2.3931.exe

Scan alcohol52_fe_2.0.2.3931.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.