dgisdead.exe

The executable dgisdead.exe has been detected as malware by 9 anti-virus scanners. It is a setup program used to install the application. The file is infected by the Parite virus, a polymorphic file infector that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from dc740.4shared.com.
MD5:
db9009dbe69982ada6c99c87f7acf93c

SHA-1:
06d3fe68a9548528fbf8b8d8e81f568d62f5466f

SHA-256:
61e7b5978a449cd036f60a7d2c4d854da2552c0022670acdc8d98f29e2d4c6eb

Scanner detections:
9 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
12/25/2024 1:26:21 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Parite | 160518-2 |
| AVG | Win32/Parite | 2015.0.4591 |
| Dr.Web | Win32.Parite.2 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Parite | 16.07.10 |
| ESET NOD32 | Win32/Parite.B virus | 8.0.319.0 |
| F-Prot | W32/Parite.B | 4.6.5.141 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.749.0 |
| Norman | Win32.Parite.B | 28.05.2016 15:32:18 |
| VIPRE Antivirus | Threat.46249 | 50434 |

File size:
1.1 MB (1,105,374 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dgisdead.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:p+u8tC50kvNVUpNqrbtG4VqTYYTfCpVFFr7hLynec3DR:p+uaMXVQqrZtIQFnAnD3V

Entry address:
0x1E9000

Entry point:
90, B8, D3, DD, 93, 00, 68, 24, 90, 5E, 00, 5A, BE, 98, 05, 00, 00, FF, 34, 32, 31, 04, 24, 8F, 04, 32, 90, 90, 83, EE, 02, 83, EE, 02, 90, 90, 75, EB, 90, 90, 3B, A0, 92, 00, D3, DD, 93, 00, D3, DD, D3, 00, D3, FD, 8E, 00, B2, FA, 9D, 00, 0D, F0, 9D, 00, D3, 6D, 91, 00, 2C, 22, 6C, FF, D3, 4D, D5, 00, 8C, 4D, D5, 00, BE, 4D, D5, 00, D3, DD, 93, 00, D3, DD, 93, 00, D3, DD, 93, 00, D3, 01, 91, 00, 8E, 4D, 95, 00, B8, 4D, 95, 00, D3, DD, 93, 00, D3, DD, 93, 00, D3, DD, 93, 00, D3, DD, 93, 00, D3, 4D, D5, 00...
 

Code size:
329 KB (336,896 bytes)

The file dgisdead.exe has been seen being distributed by the following URL.
