ares-dp.exe

Dobreprogramy sp. z o.o.

The application ares-dp.exe by Dobreprogramy sp. z o.o. has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Dobreprogramy sp. z o.o.  (signed and verified)

MD5:
8129737d44ec4ede273caebbdbc3e51b

SHA-1:
2517b25eff1507e8df5c3281f9be0f1ca3b41849

SHA-256:
6ff10c0d29ed52ed4bfc874845563e716e98e1b1f5623a0b3606364c1f67b1cb

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/2/2024 3:38:48 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.installCore

Engine version:
17.2.22.17

File size:
711.7 KB (728,784 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ares-dp.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/12/2014 3:21:11 PM

Valid to:
11/13/2015 3:21:11 PM

Subject:
CN=Dobreprogramy sp. z o.o., O=Dobreprogramy sp. z o.o., L=Wroclaw, C=PL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E9A581200A0A8D4D739B689331436C1D

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
2E, FC, 5E, 1C, 1A, 6C, 0A, 1C, 0F, 86, 0A, 25, 1F, F7, 46, 04, FB, 2F, 2C, 60, 40, 1C, 1A, 70, 0A, D6, 2C, B6, FB, 2F, 1F, B4, F7, 04, 15, E7, 39, 2F, FB, A4, 4C, 07, 13, 20, 20, 1C, 27, B5, 0A, F7, 22, CF, F7, 50, D0, 5A, CE, F7, 50, CE, 12, E5, DB, F7, 86, DC, F7, 3D, DD, 13, BE, 1C, 0A, 3C, 0A, 13, DE, F9, 65, F7, 95, 15, FB, 27, F7, F9, 39, FE, 17, DD, F8, 6D, 8B, 1D, 0E, F7, 38, CD, EA, CE, F7, 15, CA, 50, CF, F7, 02, CE, 12, E7, DC, F7, 84, DC, F7, 41, DD, 13, EF, F8, D9, F8, 3A, 15, 73, FB, 1C, FB...
 

Code size:
39.5 KB (40,448 bytes)
