home

drweb_avdesk_installer.exe

Dr.Web AV-Desk

Doctor Web, Ltd.

This is a setup and installation application. The file has been seen being downloaded from avdesk2.enaza.ru.
Publisher:
Doctor Web, Ltd.

Product:
Dr.Web AV-Desk

Description:
Dr.Web AV-Desk Installer

Version:
10.00.1.201507310

MD5:
21dc1987d8fbfd31ad4af04d9d36aab4

SHA-1:
5323310e2480c3b2684e7e8c0bb8fd120f00c031

SHA-256:
aa3d43bd1e710d6b9397145e3fd8b45b25fbb9c966aa3405c8266e0e831b2426

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 1:50:43 AM UTC  (today)

File size:
10.8 MB (11,359,234 bytes)

Product version:
10.00.1.201507310

Copyright:
Copyright (c) Doctor Web, Ltd., 1992-2015

Trademarks:
Dr.Web(R)

Original file name:
avdinst.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\drweb_avdesk_installer.exe

File PE Metadata
Compilation timestamp:
8/1/2015 12:06:10 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:ceJJ85BLLydy1j8Li2EQX4hTYZYw1A4KZdmJpigMZGqx/0e+7zVJsfSI0fXpBink:ccJ8XSdLLixQoSZN1zOmhJ8/bq9ik

Entry address:
0xFA60

Entry point:
E8, 66, 9A, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 75, 14, E8, 21, 31, 00, 00, C7, 00, 16, 00, 00, 00, E8, CD, 58, 00, 00, 33, C0, 5D, C3, 8B, 40, 0C, 83, E0, 20, 5D, C3, 6A, 0C, 68, 58, 18, 43, 00, E8, 64, 55, 00, 00, 83, 65, E4, 00, 33, C0, 8B, 7D, 08, 85, FF, 0F, 95, C0, 85, C0, 75, 14, E8, E7, 30, 00, 00, C7, 00, 16, 00, 00, 00, E8, 93, 58, 00, 00, 33, C0, EB, 7E, 33, C0, 8B, 5D, 0C, 85, DB, 0F, 95, C0, 85, C0, 74, DE, 33, C0, 38, 03, 0F, 95, C0, 85, C0, 74, D3, E8, 71, 9B, 00, 00...
 
[+]

Code size:
147 KB (150,528 bytes)

The file drweb_avdesk_installer.exe has been seen being distributed by the following URL.

http://avdesk2.enaza.ru:9080/.../download.ds?os=windows&id=1459493

Scan drweb_avdesk_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.