download-cantik-100-by-john-tefon.exe

TOV

The application download-cantik-100-by-john-tefon.exe by TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TOV   (signed and verified)

Version:
4.5.4.10

MD5:
bb18008e1febb485f8fbcb07babb6283

SHA-1:
0cdb5c7e5cd5c523e3ec522567339a495113acee

SHA-256:
4f3a984df3067c6b675a58dbb83fcad8b9544662a538ddf8d3c0f1c0f079ce12

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 11:42:56 AM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Bundler.TOV (M)

Engine version:
17.3.16.9

File size:
2.5 MB (2,630,608 bytes)

Product version:
4.5.4.10

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\ownload\download-cantik-100-by-john-tefon.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/26/2016 7:00:00 AM

Valid to:
2/13/2017 6:59:59 AM

Subject:
CN="TOV ""RENT-IT""", OU=IT, O="TOV ""RENT-IT""", STREET="vul. Knyazhyy Zaton, 16-A", L=Kiev, S=Kiev, PostalCode=02095, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
19ACE3BFB198AF52FB7E58A91770EF4C

File PE Metadata
Compilation timestamp:
10/5/2010 7:03:16 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

Entry address:
0x1DC550

Entry point:
55, 8B, EC, 81, EC, 30, 0F, 00, 00, 8B, 85, 4C, FF, FF, FF, 89, 85, 68, F5, FF, FF, 8B, 8D, 68, F5, FF, FF, 83, E9, 07, 89, 8D, 68, F5, FF, FF, 81, BD, 68, F5, FF, FF, B7, 00, 00, 00, 77, 6E, 8B, 95, 68, F5, FF, FF, 0F, B6, 82, 90, EC, 5F, 00, FF, 24, 85, 74, EC, 5F, 00, 8A, 4D, 98, 88, 8D, 7F, FE, FF, FF, EB, 58, C7, 45, 90, DD, 52, 00, 00, EB, 4F, 0F, B7, 95, 10, FF, FF, FF, 8B, 45, B8, 8D, 8C, 10, 68, 56, 00, 00, 89, 4D, BC, EB, 39, 8B, 95, 70, FF, FF, FF, 83, EA, 39, 89, 95, 64, FF, FF, FF, EB, 28, 33...
 

Entropy:
6.1979

Developed / compiled with:
Microsoft Visual C++

Code size:
2.2 MB (2,307,584 bytes)
