» alfatest_car_5300.exe
Overview
Analysis
File Details
Downloads (1)

alfatest_car_5300.exe

Texa Spa

This is a setup program which is used to install the application. The file has been seen being downloaded from www.alfatest.com.br.

File name:

Publisher:

Texa Spa

Description:

ALFATEST CAR

Version:

53.0.0.0

MD5:

18467417df39c731ab242721c6731d6f

SHA-1:

789474af55887f1733d43933c5113799f20b398c

SHA-256:

856c245c9e5f3116ca6031bdd2cefd1e201b82bbf589dc3fbcb1e85c278c0108

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/25/2024 3:54:39 AM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Packed

1.3.0.7237

Rising Antivirus

PE:Malware.RDM.32!5.26[F1]

23.00.65.151119

File size:

15.4 MB (16,163,328 bytes)

Product version:

53.0.0.0

Original file name:

VehicleList.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\alfatest_car_5300.exe

File PE Metadata

Compilation timestamp:

12/9/2013 1:28:38 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

393216:1m4VjEf2SsSgSDSLS3G+hpykeTK9SuyBtQL9/CSpSSSjm4VjEfYujgon+:1Pj8G+haK6YUPjwg

Entry address:

0xF63872

Entry point:

FF, 25, 80, 38, 36, 01, 00, 00, 00, 00, 00, 00, 00, 00, 54, 38, F6, 00, 00, 00, 00, 00, 00, 00, 00, 00, B6, EF, A5, 52, 00, 00, 00, 00, 02, 00, 00, 00, 8D, 00, 00, 00, A4, 38, F6, 00, A4, 1A, F6, 00, 52, 53, 44, 53, A5, 03, 9B, DF, A2, C8, 8F, 43, AC, 9A, AC, 46, CB, 3E, 40, E8, 01, 00, 00, 00, 43, 3A, 5C, 50, 72, 6F, 67, 72, 61, 6D, 6D, 61, 7A, 69, 6F, 6E, 65, 5C, 43, 23, 20, 28, 20, 57, 69, 6E, 64, 6F, 77, 73, 20, 29, 5C, 56, 4E, 44, 52, 5C, 74, 72, 75, 6E, 6B, 5C, 62, 69, 6E, 5C, 44, 65, 62, 75, 67, 30... 
[+]

Code size:

15.4 MB (16,128,512 bytes)

The file alfatest_car_5300.exe has been seen being distributed by the following URL.

http://www.alfatest.com.br/atualizacao/.../ALFATEST_CAR_5300.exe

Scan alfatest_car_5300.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.