home

drweb_avdesk_installer.exe

Dr.Web AV-Desk

Doctor Web, Ltd.

This is a self-extracting archive and installer. The file has been seen being downloaded from avdesk.o3.kiev.ua.
Publisher:
Doctor Web, Ltd.

Product:
Dr.Web AV-Desk

Description:
Dr.Web AV-Desk Installer

Version:
10.00.1.201507310

MD5:
aa803a3ffe97095951b710957c0d9652

SHA-1:
f0532cba57d4d36f3e91bc4cfc61479c3218962f

SHA-256:
55c2602d4f2cfb20f42e6ca6e88ca56058fc65b21ed4fcaa256c0f1d13d173ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 11:55:43 PM UTC  (a few moments ago)

File size:
10.8 MB (11,359,248 bytes)

Product version:
10.00.1.201507310

Copyright:
Copyright (c) Doctor Web, Ltd., 1992-2015

Trademarks:
Dr.Web(R)

Original file name:
avdinst.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\drweb_avdesk_installer.exe

File PE Metadata
Compilation timestamp:
7/31/2015 9:06:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:c9JJ85BLLydy1j8Li2EQX4hTYZYw1A4KZdmJpigMZGqx/0e+7zVJsfSI0fXpBinj:cPJ8XSdLLixQoSZN1zOmhJ8/bq9ij

Entry address:
0xFA60

Entry point:
E8, 66, 9A, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 75, 14, E8, 21, 31, 00, 00, C7, 00, 16, 00, 00, 00, E8, CD, 58, 00, 00, 33, C0, 5D, C3, 8B, 40, 0C, 83, E0, 20, 5D, C3, 6A, 0C, 68, 58, 18, 43, 00, E8, 64, 55, 00, 00, 83, 65, E4, 00, 33, C0, 8B, 7D, 08, 85, FF, 0F, 95, C0, 85, C0, 75, 14, E8, E7, 30, 00, 00, C7, 00, 16, 00, 00, 00, E8, 93, 58, 00, 00, 33, C0, EB, 7E, 33, C0, 8B, 5D, 0C, 85, DB, 0F, 95, C0, 85, C0, 74, DE, 33, C0, 38, 03, 0F, 95, C0, 85, C0, 74, D3, E8, 71, 9B, 00, 00...
 
[+]

Code size:
147 KB (150,528 bytes)

The file drweb_avdesk_installer.exe has been seen being distributed by the following URL.

http://avdesk.o3.kiev.ua:9080/.../download.ds?id=antivir_DrWEB_10145700

Scan drweb_avdesk_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.