epson_t50_shema_bloka_pitaniya.exe

ZENIT-SERVIS

The executable epson_t50_shema_bloka_pitaniya.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
CCO Ltd  (signed by ZENIT-SERVIS)

Version:
3.23.5.110m

MD5:
b1e862088dc92164e9d3b596ccd81d2e

SHA-1:
3804dce6786c649be15a9f79df5b12c75a168c07

SHA-256:
6e26f0927ede790e8504704c05c7c4b258dde383d8af8badc2642d7a855aa231

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 3:35:58 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.11.5

File size:
4.1 MB (4,281,408 bytes)

Product version:
3.23.5.110m

Original file name:
CCo.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\epson_t50_shema_bloka_pitaniya.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/21/2016 5:00:00 AM

Valid to:
7/22/2017 4:59:59 AM

Subject:
CN=ZENIT-SERVIS, O=ZENIT-SERVIS, STREET="Mira, 3", L=Gubkin, S=RU, PostalCode=309186, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
771B5166CD3436EA0B0A4D70114BF274

File PE Metadata
Compilation timestamp:
7/27/2016 4:18:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x2F764C

Entry point:
55, 8B, EC, 6A, FF, 68, 48, CB, 7F, 00, 68, 6C, 85, 6F, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, DC, A0, 7F, 00, 33, D2, 8A, D4, 89, 15, 9C, E6, 7F, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 98, E6, 7F, 00, C1, E1, 08, 03, CA, 89, 0D, 94, E6, 7F, 00, C1, E8, 10, A3, 90, E6, 7F, 00, 33, F6, 56, E8, 6A, 0D, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 35, 0A, 00, 00, FF, 15, D8, A0, 7F, 00, A3, B8, FB, 7F, 00, E8...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
4 MB (4,165,632 bytes)

Remove epson_t50_shema_bloka_pitaniya.exe - Powered by Reason Core Security