andrey lenitskiy - day mne znak zaycev net.exe

Online story

The application andrey lenitskiy - day mne znak zaycev net.exe by Online story has been detected as a potentially unwanted program by 9 anti-malware scanners. This is a setup program used to install the application. The file has been observed being downloaded from dlc.raininfo.ru.
Publisher:
Online story  (signed and verified)

MD5:
1f785529b7a5ac8406ad2b54c571fd1f

SHA-1:
adcd48f3fca2083c64595dff1843b32f957f253d

SHA-256:
eb4d17b54f65403caa670bf2e67d1ac1c1bec1a20f655c3fd14af4e5efad5d26

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 3:12:44 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:LoadMoney-FA [PUP] | 160119-0 |
| AVG | Win32/Heim | 2015.0.4522 |
| Dr.Web | Trojan.LoadMoney.451 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Kazy.464664 | 10.0.0.5366 |
| ESET NOD32 | Win32/AdWare.LoadMoney.OJ application | 7.0.302.0 |
| Kaspersky | not-a-virus:HEUR:Downloader.Win32.LMN | 15.0.0.562 |
| McAfee | Program.EncLoadMoney | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.6150.0 |
| Norman | Gen:Variant.Adware.Kazy.464664 | 03.02.2016 07:38:05 |

File size:
479.1 KB (490,632 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\andrey lenitskiy - day mne znak zaycev net.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/15/2014 2:00:00 AM

Valid to:
6/26/2015 1:59:59 AM

Subject:
CN=Online story, OU=Online story, O=Online story, L=Moscow, S=Moscow region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1344520A9BCE2AEAD45E4E26D52C4C48

File PE Metadata
Compilation timestamp:
7/29/2014 10:04:57 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
0.7

CTPH (ssdeep):
12288:LxacPl7Y8iAd+0F4+iN5CNajeAOcTmwBpidU24zAxdR:tac9diAQ845N5CNajeAOW1zAxdR

Entry address:
0x8C3F

Entry point:
64, A1, 30, 00, 00, 00, 0F, B6, 40, 02, 85, C0, 0F, 85, 7F, 03, 00, 00, 64, 8B, 15, 30, 00, 00, 00, 8B, 52, 0C, 83, C2, 14, 8B, 12, 8B, 42, 28, B9, 1A, 00, 00, 00, BD, E2, 54, E1, 65, 81, C5, DD, 9A, 64, 9A, 45, 8A, 18, 40, 80, FB, 61, 7C, 03, 80, EB, 20, 80, F3, 36, 38, 5D, 00, 75, D7, 49, 75, E9, 8B, 52, 10, 8B, 42, 3C, 01, D0, 8B, 40, 78, 01, D0, 8B, 70, 18, BD, 49, 71, A1, AE, 81, C5, 93, 7E, A4, 51, 89, 75, 00, 8B, 70, 20, 01, D6, 83, C5, 04, 89, 75, 00, 8B, 70, 24, 01, D6, 83, C5, 04, 89, 75, 00, 8B...
 

Code size:
400 KB (409,600 bytes)

The file andrey lenitskiy - day mne znak zaycev net.exe has been seen being distributed by the following URL.