aswClear.exe

avast! Antivirus

AVAST Software

This is a setup program which is used to install the application. The file has been seen being downloaded from download1580.mediafire.com and multiple other hosts.
Publisher:
AVAST Software  (signed and verified)

Product:
avast! Antivirus

Description:
avast! Antivirus Removal Tool

Version:
8.0.1489.300

MD5:
d01b15a4bbd5364dd922851c8f377109

SHA-1:
d4e301be8d548043cc80dfef26230001581491ef

SHA-256:
52e0cbabf90cc6ad1fc1d211a04963007db4f0a67f3eefd691e7ce7e427a7dd8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 5:04:19 AM UTC  (today)

File size:
369.1 KB (377,920 bytes)

Product version:
8.0.1489.300

Copyright:
Copyright (c) 2013 AVAST Software

Original file name:
aswClear.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\tools\avast antivirus removal tool\aswclear.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/31/2011 4:00:00 AM

Valid to:
1/31/2014 3:59:59 AM

Subject:
CN=AVAST Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=AVAST Software, L=Praha 4, S=Praha, C=CZ

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0DD6D671FE0364D43B632131417E7B3F

File PE Metadata
Compilation timestamp:
5/9/2013 12:56:10 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:f2CeYs4NNnYUS3CDInlRzlhfRLGQeFsCT3naFT36wx1mM7lN6z:f2CeYs4NBiCDIlRzl1RydsYqKwSMh8z

Entry address:
0x2128E

Entry point:
E8, 23, 86, 00, 00, E9, 79, FE, FF, FF, 6A, 08, B8, C3, E8, 42, 00, E8, 5C, 0A, 00, 00, FF, 75, 08, 83, 65, FC, 00, E8, 9E, DA, FF, FF, 59, 89, 45, EC, 8B, 45, EC, E8, 7A, 0A, 00, 00, C3, 83, 65, EC, 00, B8, B4, 12, 42, 00, C3, 6A, 10, 68, 10, CE, 43, 00, E8, 0D, 1A, 00, 00, 8B, 5D, 08, 85, DB, 75, 0E, FF, 75, 0C, E8, D2, DF, FF, FF, 59, E9, CC, 01, 00, 00, 8B, 75, 0C, 85, F6, 75, 0C, 53, E8, F0, E3, FF, FF, 59, E9, B7, 01, 00, 00, 83, 3D, 80, 50, 44, 00, 03, 0F, 85, 93, 01, 00, 00, 33, FF, 89, 7D, E4, 83...
 
[+]

Code size:
187.5 KB (192,000 bytes)

The file aswClear.exe has been seen being distributed by the following 9 URLs.

http://download1580.mediafire.com/dztwt3ddq9zg/.../aswclear.exe

http://download2112.mediafire.com/g10rulaadoyg/.../aswclear.exe

http://download2112.mediafire.com/t162sjvrrcpg/.../aswclear.exe

http://download2112.mediafire.com/qiqixezmx5sg/.../aswclear.exe