astana.exe

DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI.

The executable astana.exe (“Deepisyourlove Setup”) has been detected as malware by 1 anti-virus scanner. It is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
Deepisyourlove (signed by DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI.)

Product:
Deepisyourlove

Description:
Deepisyourlove Setup

Version:
4.2.0.0

MD5:
bfd5a828e0d1fe07be1d6a1f84a4b8b0

SHA-1:
d62108e5cf59b7a2caad736c002bc6582d183bd5

SHA-256:
bf875de727e87a4788009b9d47c8f767fa74ca0e2c03d916052ea903d12f9d58

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 12:57:03 PM UTC

Scan engine | Detection | Engine version
Reason Heuristics | Threat.Win.Reputation (M) | 16.3.9.12

File size:
497.2 KB (509,160 bytes)

Product version:
4.2.0.0

Copyright:
Deepisyourlove

Trademarks:
Deepisyourlove

Original file name:
Deepisyourlove.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\appdata\local\temp\astana.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/23/2015 2:00:00 AM

Valid to:
3/23/2016 1:59:59 AM

Subject:
CN=DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI., OU=Software, O=DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI., STREET=KULOGLU MAH.ALYON GECIDI SOK., STREET=no 2 d 2 beyoğlu, L=istanbul, S=istanbul, PostalCode=34433, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
74CFE735D4A9C333262E54F219961F8F

File PE Metadata
Compilation timestamp:
10/9/2015 2:10:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:yS/y7qsKQ0jnAt4BknkPMGsgL7GZOsLa30hTb+1BYUp:yS/kBKQ0jnpBknkP/nGZY09K7

Entry address:
0x6B5EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 48, 00, 00, 80, 10, 00, 00, 00, 60, 00, 00, 80, 18, 00, 00, 00, 78, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 02, 00, 00, 00, 90, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 7F, 00, 00, A8, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
421.5 KB (431,616 bytes)
