bluetooth_radar_c.exe

Internet Explorer

Spektr AITI, TOV

Although the file properties state that the file was developed by 'Microsoft Corporation', this is not the case; it is designed just to look like a legitimate Microsoft system file. The application bluetooth_radar_c.exe, “Instalador de complementos de Internet Explorer” by Spektr AITI, TOV, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation  (signed by Spektr AITI, TOV)

Product:
Internet Explorer

Description:
Instalador de complementos de Internet Explorer

Version:
11.00.9600.16428 (winblue_gdr.131013-1700)

MD5:
fa8262680b7d3ed6f58d41f4390357fe

SHA-1:
1e3559ce731cad9efd19f362aa38e61e6d1794ec

SHA-256:
89487c9fbe28e2bf92de3b7064ae7d0037e8bb5b14846b6bea9aaef9778548b0

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 5:19:04 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCube (M)

Engine version:
17.3.10.17

File size:
3.5 MB (3,655,736 bytes)

Product version:
11.00.9600.16428

Copyright:
© Microsoft Corporation. Todos los derechos reservados.

Original file name:
ieinstal.exe.mui

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\users\{user}\downloads\bluetooth_radar_c.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/23/2015 7:00:00 PM

Valid to:
12/23/2016 6:59:59 PM

Subject:
CN="Spektr AITI, TOV", OU=IT, O="Spektr AITI, TOV", STREET="Bud. 30 kv. 292, prospekt Vatutina", L=Kiev, S=Kiev, PostalCode=02189, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3694697EDF9F6EF8FF786FBBAD3234DF

File PE Metadata
Compilation timestamp:
1/13/2016 9:41:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

Entry address:
0x3521F0

Entry point:
55, 8B, EC, 6A, FF, 68, 98, 9A, 75, 00, 68, 70, 33, 75, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E4, 70, 75, 00, 33, D2, 8A, D4, 89, 15, 88, A7, 75, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 84, A7, 75, 00, C1, E1, 08, 03, CA, 89, 0D, 80, A7, 75, 00, C1, E8, 10, A3, 7C, A7, 75, 00, 33, F6, 56, E8, CA, 0F, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 95, 0C, 00, 00, FF, 15, 18, 70, 75, 00, A3, B4, AC, 75, 00, E8...
 

Entropy:
5.9992

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
3.3 MB (3,497,984 bytes)
