alnaddy-v2.1.3.0.exe

tal ltd

The application alnaddy-v2.1.3.0.exe by tal ltd has been detected as adware by 2 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from i1.superstoragemy.com and multiple other hosts.
Publisher:
Alnaddy  (signed by tal ltd)

Product:
Alnaddy

Version:
2.1.3.0

MD5:
3573dbb96e4376d91daf38c52ccabe3e

SHA-1:
2b47b9283842201fc28d851adf56597e4d708164

SHA-256:
7699fcef4111b5b860d7ed52e0c0f74344728b1f104283260a318cc8613960b0

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
12/25/2024 1:39:21 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
MalSign.Generic
2015.0.3556

Reason Heuristics
PUP.talltd.N
14.3.13.19

File size:
840.4 KB (860,616 bytes)

Copyright:
Alnaddy © 2014

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\alnaddy-v2.1.3.0.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/25/2013 2:00:00 AM

Valid to:
7/26/2014 1:59:59 AM

Subject:
CN=tal ltd, O=tal ltd, STREET=22-24 Mayor Parvan Toshev str, L=sofia, S=bulgaria, PostalCode=1000, C=BG

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
06D8799B2CB3044B5BEDEE2F7650B86D

File PE Metadata
Compilation timestamp:
7/14/2013 10:09:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:bMHV5Mmqlnr8JDe8zAbRuQ1TEi9vygRV/I4cx674FWiO1+7l/eX3NHMVpSDypxb:bMVkr4z4RuE9DP43x/eXY7Xb

Entry address:
0x324D

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 08, A3, 98, 3F, 42, 00, E8, 8B, 2D, 00, 00, A3, E4, 3E, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, A0, F4, 41, 00, FF, 15, 64, 71, 40, 00, 68, E4, 91, 40, 00, 68, E0, 36, 42, 00, E8, 35, 2A, 00, 00, FF, 15, B0, 70, 40, 00, BD, 00, 90, 42, 00, 50, 55, E8, 23, 2A...
 
[+]

Entropy:
7.9908

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file alnaddy-v2.1.3.0.exe has been seen being distributed by the following 4 URLs.

http://i1.superstoragemy.com/.../alnaddy-v2.1.3.0.exe

Remove alnaddy-v2.1.3.0.exe - Powered by Reason Core Security