dffsetup-api-ms-win-crt-runtime-l1-1-0.exe

Dll-Files Fixer

Dll-Files.com

The application dffsetup-api-ms-win-crt-runtime-l1-1-0.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from download.dll-files.com.
Publisher:
Dll-Files.com

Product:
Dll-Files Fixer

Version:
Dll-Files Fixer

MD5:
5b3f35aa6f6552ad91d5477763f22cbb

SHA-1:
d7a8c23f50500301aaf33dcfe260f98c65850f2e

SHA-256:
3d6e152764635e2b0795bffd61bebd284dbb496a143745b60094e493894f9551

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 5:56:03 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.DLLFiles (L)
16.9.8.12

File size:
5.4 MB (5,621,718 bytes)

Product version:
3.3.90

Copyright:
© Dll-Files.com

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\dffsetup-api-ms-win-crt-runtime-l1-1-0.exe

File PE Metadata
Compilation timestamp:
7/9/2014 12:58:13 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:JEEAvvy9nDc1hL8ERx2d1M+T5B1z0I1sTX54u4CxwhyamiDwDVvrQa199KsQWi:GEAvvykfv2d1h5/z0JKoxwUlVvrQa19M

Entry address:
0x90000

Entry point:
90, 90, 68, 64, 09, 5F, 00, 58, 90, BA, 1C, 00, 49, 00, 90, 90, 68, 98, 05, 00, 00, 5E, 31, 04, 32, 4E, 83, EE, 03, 90, 75, F6, 8C, 74, 5E, 00, 64, 09, 5F, 00, 64, 09, 1F, 00, D8, 1A, 5E, 00, C4, 18, 0C, 00, B2, 1E, 0C, 00, 64, B9, 5D, 00, 9B, F6, A0, FF, 54, 9A, 1E, 00, 82, 9C, 1E, 00, 94, 9C, 1E, 00, 40, 18, 5E, 00, 80, 9C, 5E, 00, 8A, 9C, 5E, 00, 54, 1A, 5E, 00, 80, 9C, 5E, 00, 8A, 9C, 5E, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00, 64, 09, 5F, 00...
 
[+]

Entropy:
7.8785  (probably packed)

Code size:
63.5 KB (65,024 bytes)

The file dffsetup-api-ms-win-crt-runtime-l1-1-0.exe has been seen being distributed by the following URL.

Remove dffsetup-api-ms-win-crt-runtime-l1-1-0.exe - Powered by Reason Core Security