» alz.big.hero.6.2014.dvdscr.x264.by.ansa.mkv_10924_i14018881_il345.exe
Overview
Analysis
File Details
Downloads (1)

alz.big.hero.6.2014.dvdscr.x264.by.ansa.mkv_10924_i14018881_il345.exe

Runner Utility

Dummy, Ltd.

The executable alz.big.hero.6.2014.dvdscr.x264.by.ansa.mkv_10924_i14018881_il345.exe has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from downprov1.thesoftwarenow.com.

File name:

Publisher:

Dummy, Ltd.

Product:

Runner Utility

Version:

1.0.0.166

MD5:

69866bf1818ecab0e001ff43c5b2e773

SHA-1:

0566e67980fb0663ccd6ea49e1f40b7a63f92686

SHA-256:

18b3e9eaf642b4c929dfc14a848f74ad5a5aaabf9d92c5b051667826f017d708

Scanner detections:

6 / 68

Status:

Malware

Analysis date:

11/24/2024 12:04:22 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Win32/Blacked

2015.0.4568

Emsisoft Anti-Malware

Gen:Application.Imonetize

11.5.0.6191

ESET NOD32

Win32/Packed.VMProtect.ABO trojan

8.0.319.0

F-Secure

Application.Imonetize.1

5.15.96

Norman

Gen:Application.Imonetize.1

10.04.2016 15:29:17

Sophos

Virus 'Mal/VMProtBad-A'

5.23

File size:

1.2 MB (1,211,904 bytes)

Product version:

1.0.0.166

Original file name:

runner.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\programs\alz.big.hero.6.2014.dvdscr.x264.by.ansa.mkv_10924_i14018881_il345.exe

File PE Metadata

Compilation timestamp:

1/12/2015 8:45:52 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

24576:rQDl/6aobrS3QjGWIMkk/6k/1JLOAm+dQcOeDPIhYl2Z0ZU4ajV:rQ15Er9jtIMkkHagecRyiTZU46

Entry address:

0x24425E

Entry point:

60, C7, 44, 24, 1C, C0, 19, 43, E1, 60, 52, C6, 04, 24, 6E, 8D, 64, 24, 40, 0F, 82, C2, 26, 00, 00, 68, 71, FF, A6, AB, 55, 60, 9C, 8D, 64, 24, 28, E9, 66, 13, 01, 00, 0E, EE, 5B, EA, 1E, CB, 11, 4B, E8, 3D, 27, B5, A3, 99, 9B, 9C, 18, F7, 2D, BC, 64, 1B, C1, F3, 9D, 44, 1F, 94, 55, D2, 9A, 9F, 6A, 90, 68, 3B, 82, 7A, 49, 32, C2, 1F, 56, 22, 2B, 37, 92, 14, 51, 2C, 0F, CE, 0E, 7D, BF, 98, 68, 6F, A9, F8, C4, 03, CD, 04, 20, 5E, 81, B9, 3D, 05, 9C, 22, 12, 69, 67, 3E, FD, E1, ED, 95, 48, 00, 23, 92, 1D, 1C... 
[+]

Entropy:

7.8710 (probably packed)

Code size:

74 KB (75,776 bytes)

The file alz.big.hero.6.2014.dvdscr.x264.by.ansa.mkv_10924_i14018881_il345.exe has been seen being distributed by the following URL.

http://downprov1.thesoftwarenow.com/p/.../max payne 2 crack file_10924_i14018963_il345.exe

Remove alz.big.hero.6.2014.dvdscr.x264.by.ansa.mkv_10924_i14018881_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.