dead mine 2012 l1 hdrip 1400mb avi tfile ru torrent.exe

OOO

The application dead mine 2012 l1 hdrip 1400mb avi tfile ru torrent.exe by OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from crouch-win-common.ru.
Publisher:
OOO   (signed and verified)

MD5:
99485dde5152b9632baac783a2aa2b1c

SHA-1:
84e244446decd3d4b293305f8742b1bf4e3b6260

SHA-256:
941e8d58c98aba450d319ab199dda73fc7f76f60f66ca1b8258e586b835d61e1

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/6/2024 7:39:04 AM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP (M) | 17.2.15.18

File size:
489.1 KB (500,848 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dead mine 2012 l1 hdrip 1400mb avi tfile ru torrent.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/10/2016 2:00:00 AM

Valid to:
3/11/2017 1:59:59 AM

Subject:
CN="OOO ""TELEKA""", O="OOO ""TELEKA""", STREET="Alekseevskaya, 10/16, pom,p5", L=Nighni Novgorod, S=Nigegorodskaya oblast, PostalCode=603005, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00BA43B3F2559BDB1BF6E6C6EB70F7024E

File PE Metadata
Compilation timestamp:
4/1/2016 4:45:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

Entry address:
0x1000

Entry point:
68, 2C, 00, 00, 00, 68, 00, 00, 00, 00, 68, 30, 9B, 47, 00, E8, FC, 1F, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, F5, 1F, 00, 00, A3, 34, 9B, 47, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, E2, 1F, 00, 00, A3, 30, 9B, 47, 00, E8, 2C, 28, 00, 00, E8, F7, 25, 00, 00, E8, BE, 25, 00, 00, E8, 27, 20, 00, 00, BA, 23, 90, 41, 00, 8D, 0D, 50, 9B, 47, 00, E8, A5, 1F, 00, 00, BA, 1F, 90, 41, 00, 8D, 0D, 38, 9B, 47, 00, E8, 95, 1F, 00, 00, 8B, 15, 78, 9B, 47, 00, 52, 52, 68, 14, 00, 00, 00...
 

Packer / compiler:
PKLITE32, 0x1.1

Code size:
80.5 KB (82,432 bytes)

The file dead mine 2012 l1 hdrip 1400mb avi tfile ru torrent.exe has been seen being distributed by the following URL.

http://crouch-win-common.ru/357220755