dsj3v171.exe

Deluxe Ski Jump 3

Mediamond Tmi

The executable dsj3v171.exe, “Deluxe Ski Jump 3 Setup”, has been detected as malware by 12 anti-virus scanners. It is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source. It is infected by the Parite virus, a polymorphic file-infecting virus that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from www.mediamond.fi.
Publisher:
Mediamond Tmi

Product:
Deluxe Ski Jump 3

Description:
Deluxe Ski Jump 3 Setup

Version:
1.7.1.0

MD5:
5dd81a0f25ede09380958b19b4fb67b1

SHA-1:
12dbc883098c60d4a6490eee3960edb987d0157c

SHA-256:
fe0a3138f5f917c27e0ef419fedb2099677b5f3c58fde311cc2b131cd4b978b2

Scanner detections:
12 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
11/5/2024 7:01:20 AM UTC

Scan engine                    Detection             Engine version
avast!                         Win32:Parite          160327-1
AVG                            Win32/Parite          2015.0.4355
Dr.Web                         Win32.Parite.2        9.0.1.05190
Emsisoft Anti-Malware          Win32.Parite          11.5.0.6191
ESET NOD32                     Win32/Parite.B virus  8.0.319.0
F-Prot                         W32/Parite.B          4.6.5.141
F-Secure                       Win32.Parite.B        5.15.96
Kaspersky                      Virus.Win32.Parite    15.0.0.562
McAfee                         Virus.W32/Pate.b      18.0.204.0
Microsoft Security Essentials  Threat.Undefined      1.217.1485.0
Norman                         Win32.Parite.B        02.04.2016 17:35:19
Sophos                         Virus 'W32/Parite-B'  5.23

File size:
3.9 MB (4,077,528 bytes)

Product version:
1.7.1

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dsj3v171.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:T9sutxKIYtw7YT837Q7MUAX2X/L50Nvs+b4Sxpvc+kDSmke/H3LXmplFiTgiICL4:JdCc08tUAX43cxXmlv3LKTGgpIpgWw

Entry address:
0x14000

Entry point:
90, 90, 68, E8, 25, FD, 00, 59, 68, 1E, 40, 41, 00, 5A, BF, 98, 05, 00, 00, FF, 34, 3A, 31, 0C, 24, 8F, 04, 3A, 83, EF, 04, 75, F2, 90, 00, 58, FC, 00, E8, 25, FD, 00, E8, 25, BD, 00, 10, 80, FD, 00, 29, A4, C6, 00, 30, A2, C6, 00, E8, 95, FF, 00, 17, DA, 02, FF, 5C, F5, BD, 00, 8C, F7, BD, 00, 94, F7, BD, 00, E8, 25, FD, 00, E8, 25, FD, 00, E8, 25, FD, 00, 5C, 83, FD, 00, 8A, F7, FD, 00, 92, F7, FD, 00, E8, 25, FD, 00, E8, 25, FD, 00, E8, 25, FD, 00, E8, 25, FD, 00, F4, F4, BD, 00, E8, 25, FD, 00, E8, 25...
 

Code size:
39.5 KB (40,448 bytes)

The file dsj3v171.exe has been seen being distributed by the following URL.
