home

daemon-tools-lite.exe

The application daemon-tools-lite.exe has been detected as a potentially unwanted program by 7 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
MD5:
85302eb3e1ce50a5bc14f18ae89aa272

SHA-1:
d2945e936413f80079949f677a16295bc5c166ad

SHA-256:
bb88869201062874b624a9d9f3def81906cea55045233be3f49c2eb4f8a9009d

Scanner detections:
7 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
12/4/2024 6:04:17 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/InstallCore.BA (variant)
8.9630

F-Prot
W32/InstallCore.V2.gen
v6.4.7.1.166

K7 AntiVirus
Unwanted-Program
13.176.11637

Malwarebytes
PUP.Optional.InstallCore
v2014.11.23.06

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.141121

Sophos
InstallCore ToDownload
4.98

Vba32 AntiVirus
Adware.InstallCore.gen
3.12.24.3

File size:
1 MB (1,100,680 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\microtorrent et divers\daemon-tools-lite.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:tG9UOZrfEK+v4fDsH8KYXOnOZ8stpVuGZW69S/Fyx7XJ62jTz:tsEK0IDsczqstpVuGR9CFyx7XJBX

Entry address:
0xCD290

Entry point:
55, 8B, EC, 83, C4, F0, B8, 8C, 24, 41, 00, E8, E7, D8, FF, FF, 25, 78, F1, 45, 00, 8B, C0, FF, 25, 74, F1, 45, 00, 8B, C0, FF, 25, 70, F1, 45, 00, 8B, C0, FF, 25, 6C, F1, 45, 00, 8B, C0, FF, 25, D8, F1, 45, 00, 8B, C0, FF, 25, 68, F1, 45, 00, 8B, C0, FF, 25, 64, F1, 45, 00, 8B, C0, FF, 25, 60, F1, 45, 00, 8B, C0, FF, 25, F0, F1, 45, 00, 8B, C0, FF, 25, EC, F1, 45, 00, 8B, C0, FF, 25, E8, F1, 45, 00, 8B, C0, FF, 25, 5C, F1, 45, 00, 8B, C0, FF, 25, 58, F1, 45, 00, 8B, C0, FF, 25, 00, F2, 45, 00, 8B, C0, FF...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
837.5 KB (857,600 bytes)

Remove daemon-tools-lite.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.