home

auto click.exe

The executable auto click.exe has been detected as malware by 11 anti-virus scanners. This is a setup program which is used to install the application. Infected by the Parite virus, a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from dc347.4shared.com.
MD5:
3a55adb94cf2b25bc1860ad9260f4557

SHA-1:
2b70688cb75aefd86f8cdb5cf85cb0088db7fe3a

SHA-256:
413e157096f4a3218b5ac2aad50acf553740fbb5ce59024e33c659d6c251069b

Scanner detections:
11 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
11/24/2024 11:05:53 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Parite
160518-2

AVG
Win32/Parite
2015.0.4604

Dr.Web
Win32.Parite.2
9.0.1.05190

Emsisoft Anti-Malware
Win32.Parite
11.5.0.6191

ESET NOD32
Win32/Parite.B virus
8.0.319.0

F-Prot
W32/Parite.B
4.6.5.141

F-Secure
Win32.Parite.B
5.15.96

Kaspersky
Virus.Win32.Parite
15.0.0.562

Microsoft Security Essentials
Threat.Undefined
1.225.1028.0

Norman
Win32.Parite.B
28.05.2016 15:32:18

VIPRE Antivirus
Threat.46249
50434

File size:
538 KB (550,878 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\auto click.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:d+mZNgKRjdlWbGrFWnxL/I7iqJ4yb/oO1BuZQDwvr:o8NNjGEFyDinoUvwj

Entry address:
0x61000

Entry point:
90, 68, C6, 43, B1, 00, 5B, 68, 24, 10, 46, 00, 5A, 68, 98, 05, 00, 00, 5E, 90, FF, 34, 32, 31, 1C, 24, 8F, 04, 32, 90, 83, EE, 02, 83, EE, 02, 90, 90, 75, EC, 2E, 3E, B0, 00, C6, 43, B1, 00, C6, 43, F1, 00, A6, 9E, B5, 00, C6, F1, B4, 00, 18, F4, B4, 00, C6, F3, B3, 00, 39, BC, 4E, FF, DE, 52, F4, 00, 2E, 55, F4, 00, C6, 54, F4, 00, C6, 43, B1, 00, C6, 43, B1, 00, C6, 43, B1, 00, DE, A6, B5, 00, 20, 55, B4, 00, 38, 55, B4, 00, C6, 43, B1, 00, C6, 43, B1, 00, C6, 43, B1, 00, C6, 43, B1, 00, C6, 43, B1, 00...
 
[+]

Code size:
307.5 KB (314,880 bytes)

The file auto click.exe has been seen being distributed by the following URL.

http://dc347.4shared.com/download/.../Auto_Click.exe

Remove auto click.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.