calculus solved!.exe

Calculus Solved!

Bagatrix

The executable calculus solved!.exe, “Setup Launcher”, has been detected as malware by 3 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been observed being downloaded from download1203.mediafire.com.
Publisher:
Bagatrix

Product:
Calculus Solved!

Description:
Setup Launcher

Version:
20.08.0074

MD5:
0b3a06b1208a8495affa134959cd9f04

SHA-1:
b989be8437ad29fe4fcc816260b96dd303fd0a9d

SHA-256:
0676bb7d9b6ea8a688149e1b2031684f7c26df9dded181cb35104b8f17b38f5b

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/23/2024 9:26:14 AM UTC

Scan engine                      Detection               Engine version
ESET NOD32                       Win32/Delf.NAP virus    8.0.319.0
Microsoft Security Essentials    Threat.Undefined        1.225.2406.0
VIPRE Antivirus                  Threat.4723986          50880

File size:
3.6 MB (3,777,631 bytes)

Product version:
20.08.0074

Copyright:
Copyright (C) 2003 InstallShield Software Corp.

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\calculus solved!.exe

File PE Metadata
Compilation timestamp:
4/10/2003 2:51:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:g0/3aJP37pzjV75u1YMp0MKp/LdPCo8k6o+aGOlomJRnBABSrl:RS57p3V7YYx9hLdPC5kp+aGOlouCB4l

Entry address:
0x22255

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 08, 01, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.8203  (probably packed)

Code size:
136 KB (139,264 bytes)

The file calculus solved!.exe has been seen being distributed by the following URL.
