app.exe

Turn Key Media

The executable app.exe has been detected as malware by 1 anti-virus scanner.

Publisher:
Turn Key Media  (signed and verified)

Product:
Turn Key Media

Version:
71.8.8.9338

MD5:
8c48c531a994b3440ce550f0e98414f8

SHA-1:
e0d157fb152a74bc574e889638b245ac944b93df

SHA-256:
7cea5a8a4d510ed2a8f74fb9743f98384db6b0ca1f1777b12f89f113decc52ff

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/15/2024 6:37:36 AM UTC

Scan engine:
Reason Heuristics

Detection:
Threat.Generic

Engine version:
16.11.26.14

File size:
890.5 KB (911,896 bytes)

Product version:
71.8.8.9338

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\app.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
12/9/2015 1:56:38 AM

Valid to:
12/9/2016 1:56:38 AM

Subject:
CN=Turn Key Media, O=Turn Key Media, L="Oakland ", S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
298FC8619C109945

File PE Metadata
Compilation timestamp:
1/23/2015 4:09:55 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:9is/KOFyNjSajGzyJEwzKX8lgtq/KfPoB9q:ltFyNjSKGaKX8+tYi

Entry address:
0x4656

Entry point:
E8, 35, 9E, 00, 00, E9, 5F, 96, 00, 00, A1, 24, D4, 4B, 00, 23, 44, 24, 10, 89, 44, 24, 10, 8B, 4C, 24, 10, 85, C9, 74, 08, A1, 44, 01, 41, 00, C2, 10, 00, 8B, 54, 24, 10, 85, D2, 74, 08, A1, 48, 00, 41, 00, C2, 10, 00, 8B, 44, 24, 10, 85, C0, 74, 08, A1, 4C, 00, 41, 00, C2, 10, 00, 8B, 4C, 24, 10, 85, C9, 74, 08, A1, 58, 01, 41, 00, C2, 10, 00, 8B, 54, 24, 10, 85, D2, 74, 08, A1, 38, 01, 41, 00, C2, 10, 00, 8B, 44, 24, 10, 85, C0, 74, 08, A1, 34, 01, 41, 00, C2, 10, 00, 8B, 4C, 24, 10, 85, C9, 74, 08, A1...

Entropy:
7.9650  (probably packed)

Code size:
57 KB (58,368 bytes)
