home

{blocked}.ex

Proxomitron

SBIS

The file {blocked}.ex by SBIS has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Groom-A-Zebu (tm)   (signed by SBIS)

Product:
Proxomitron

Description:
The Proxomitron

Version:
4, 5, 0, 4

MD5:
e4b998f40a08a77b56d3e37a3aba1280

SHA-1:
8af293dd7e6ae3b5622eff3afc2d6b4498e5a747

SHA-256:
e1557bf96f52a9df1f5ed522fb6e746d1c1097a7d4625d2548adda2ace95b8c6

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/26/2024 7:46:31 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.11.17

File size:
596.4 KB (610,744 bytes)

Product version:
Naoko-4.5 2003-6-1

Copyright:
Copyright © 1999 - 2003 By Scott R. Lemmon

Trademarks:
Proxomitron, The, and the letters A-Z

Original file name:
Proxomitron.exe

Common path:
C:\users\{user}\downloads\kayl xy 1 2 3 sezon vse serii kyle xy sezon 1 2 3 maykl robinson pet uilyams gay norman bi 2009 g.exe

Digital Signature
Signed by:
SBIS

Authority:
COMODO CA Limited

Valid from:
5/3/2015 3:00:00 AM

Valid to:
5/3/2016 2:59:59 AM

Subject:
CN=SBIS, O=SBIS, STREET="PR-T MOSKOVSKIJ, 12", L=YAROSLAVL, S=YAROSLAVL REGION, PostalCode=150001, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009CA0BE54A9516364680AD45D6408C6A2

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x83378

Entry point:
57, 60, 60, C6, 04, 24, 75, C7, 44, 24, 40, 4D, AC, 9B, 8A, FF, 34, 24, C7, 44, 24, 0C, 59, F0, 05, A1, E9, 0C, AE, FF, FF, 00, 00, 52, 65, 61, 6C, 47, 65, 74, 57, 69, 6E, 64, 6F, 77, 43, 6C, 61, 73, 73, 57, 00, E8, 23, FD, FF, FF, 1C, 4A, A3, 37, 41, A5, 21, 81, 96, AC, 77, 89, 1F, 59, D9, 17, 8B, A9, 3F, 69, FF, 0D, 81, C3, 43, 89, 09, 1F, EA, 0C, A2, D4, 48, 7E, BB, FD, 96, C9, 93, BA, 9A, C0, 66, 30, 7A, 93, A6, 23, 07, D2, 64, 9F, C5, CE, F4, FD, 23, 4B, 09, 3F, FB, 5D, BF, CD, D6, 0B, EB, 05, B9, DF...
 
[+]

Code size:
440 KB (450,560 bytes)

Remove {blocked}.ex - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.