b1freearchiver.exe

Installer B1 Free Archiver

Catalina Group Ltd

The application b1freearchiver.exe by Catalina Group has been detected as a potentially unwanted program by 5 anti-malware scanners. It is a self-extracting archive and installer that has been known to bundle potentially unwanted software. The file is typically installed with the program B1 Free Archiver by Catalina Group Ltd and has been observed being downloaded from b1.org.

Publisher:
http://b1.org/  (signed by Catalina Group Ltd)

Product:
Installer B1 Free Archiver

Version:
2, 6, 27, 0

MD5:
85f898f8b627e4d22853af87e96376b6

SHA-1:
e0d0645bf5385d34669edef88f28a96ee9e4bdfe

SHA-256:
5da6fdb1bdf6b071384336217c38a3c692767c63c7c839a5565ae930163cba4e

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 12:47:48 PM UTC

Scan engine | Detection | Engine version
Emsisoft Anti-Malware | Backdoor.Bot.135374 | 8.15.09.13.05
herdProtect (fuzzy) |  | 2015.9.13.17
Reason Heuristics | PUP.Catalina.CatalinaGroup.Installer (M) | 15.8.6.17
Rising Antivirus | PE:PUF.4Shared!1.9C25 | 23.00.65.15911
Trend Micro House Call | TROJ_GEN.F47V0111 | 7.2.256

File size:
26.9 MB (28,180,288 bytes)

Product version:
2, 6, 27, 0

Copyright:
Copyright(C) 2014

Original file name:
Installer

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\b1freearchiver.exe

Digital Signature
Authority:
Catalina Group Ltd

Valid from:
4/16/2015 12:53:24 PM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=Catalina Group Ltd

Issuer:
CN=Catalina Group Ltd

Serial number:
F16F6DA8DF8C458545A6335860591E9C

File PE Metadata
Compilation timestamp:
5/21/2015 1:22:09 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:Cvj5Q4yAO/Uu1hIBZby/+EExMD119R8dcTMnGG:OQ4yrbhIbbnxMh19RKGG

Entry address:
0x5B26A

Entry point:
E8, 9F, DA, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04...

Code size:
470 KB (481,280 bytes)

The file b1freearchiver.exe has been discovered within the following program.

B1 Free Archiver  by Catalina Group Ltd
About 5% of users remove it

The file b1freearchiver.exe has been seen being distributed by the following URL.
