» dffsetup-api-ms-win-crt-runtime-l1-1-0.exe
Overview
Analysis
File Details
Downloads (1)

dffsetup-api-ms-win-crt-runtime-l1-1-0.exe

Dll-Files Fixer

Dll-Files.com

The application dffsetup-api-ms-win-crt-runtime-l1-1-0.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from download.dll-files.com.

File name:

Publisher:

Dll-Files.com

Product:

Dll-Files Fixer

Version:

Dll-Files Fixer

MD5:

5b3f35aa6f6552ad91d5477763f22cbb

SHA-1:

d7a8c23f50500301aaf33dcfe260f98c65850f2e

SHA-256:

3d6e152764635e2b0795bffd61bebd284dbb496a143745b60094e493894f9551

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 5:12:24 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.DLLFiles (L)

16.9.8.12

File size:

5.4 MB (5,621,718 bytes)

Product version:

3.3.90

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\dffsetup-api-ms-win-crt-runtime-l1-1-0.exe

File PE Metadata

Compilation timestamp:

7/9/2014 12:58:13 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:JEEAvvy9nDc1hL8ERx2d1M+T5B1z0I1sTX54u4CxwhyamiDwDVvrQa199KsQWi:GEAvvykfv2d1h5/z0JKoxwUlVvrQa19M

Entry address:

0x90000

Entry point:

90, 90, 68, 64, 09, 5F, 00, 58, 90, BA, 1C, 00, 49, 00, 90, 90, 68, 98, 05, 00, 00, 5E, 31, 04, 32, 4E, 83, EE, 03, 90, 75, F6, 8C, 74, 5E, 00, 64, 09, 5F, 00, 64, 09, 1F, 00, D8, 1A, 5E, 00, C4, 18, 0C, 00, B2, 1E, 0C, 00, 64, B9, 5D, 00, 9B, F6, A0, FF, 54, 9A, 1E, 00, 82, 9C, 1E, 00, 94, 9C, 1E, 00, 40, 18, 5E, 00, 80, 9C, 5E, 00, 8A, 9C, 5E, 00, 54, 1A, 5E, 00, 80, 9C, 5E, 00, 8A, 9C, 5E, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00... 
[+]

Entropy:

7.8785 (probably packed)

Code size:

63.5 KB (65,024 bytes)

The file dffsetup-api-ms-win-crt-runtime-l1-1-0.exe has been seen being distributed by the following URL.

http://download.dll-files.com/fixer/.../dffsetup-api-ms-win-crt-runtime-l1-1-0.exe

Remove dffsetup-api-ms-win-crt-runtime-l1-1-0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.