avira_cloud_tech_preview_setup.exe

Avira APC

Avira Operations GmbH & Co. KG

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from esd.element5.com and multiple other hosts.
Publisher:
Avira Operations GmbH & Co. KG   (signed by Avira Operations GmbH & Co. KG)

Product:
Avira APC

Description:
Avira APC Setup

MD5:
71a2f6fdb5db2ee780cc5b29c47d30be

SHA-1:
0358534b05fc8782739f20c8db77532ec948692f

SHA-256:
64df07503aa94bc57e7fd46144d3ce772a7244a7a9f7cada105f7122f69753f5

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
11/26/2024 12:22:43 PM UTC  (today)

Scan engine:
Bkav FE

Detection:
W32.Clodf97.Trojan

Engine version:
1.3.0.4959

File size:
1.5 MB (1,603,672 bytes)

Product version:
0.1.0.1

Copyright:
Copyright © 2012 Avira Operations GmbH & Co. KG

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\avira_cloud_tech_preview_setup.exe

Digital Signature

Authority:
VeriSign, Inc.

Valid from:
7/20/2011 2:00:00 AM

Valid to:
7/20/2014 1:59:59 AM

Subject:
CN=Avira Operations GmbH & Co. KG, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Avira Operations GmbH & Co. KG, L=Tettnang, S=Baden Wuerttemberg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54971FF238D2B866F27FC3FE6C9AD577

File PE Metadata

Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:PnvyQkVqCGs3k6ENh7d24sddjDAYJY1NoGy+Xti3HvXYezMjSvA+ut1yrnsixRa+:PvyQg0f7aDfR+XtiXvYCM6lmyrnUto

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file avira_cloud_tech_preview_setup.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation, the user is in some cases presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 

The file avira_cloud_tech_preview_setup.exe has been seen being distributed by the following 4 URLs.
