home

fidic+silver+book_10924_i50711367_il345.exe

Runner Utility

LLC Arctic West

The executable fidic+silver+book_10924_i50711367_il345.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Dummy, Ltd.  (signed by LLC Arctic West)

Product:
Runner Utility

Version:
1.0.0.188

MD5:
02e8c0541b728f610ae8feccd2326f11

SHA-1:
1821d51358d90d763182b374e8bbb35024172353

SHA-256:
d17024fc15e644c401849b25f35157dbac0cdb037b8884049789f912b1da4a7e

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/15/2024 4:48:46 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.13.12

File size:
1.2 MB (1,303,552 bytes)

Product version:
1.0.0.188

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\fidic+silver+book_10924_i50711367_il345.exe

Digital Signature
Signed by:
LLC Arctic West

Authority:
COMODO CA Limited

Valid from:
8/25/2015 3:00:00 AM

Valid to:
8/25/2016 2:59:59 AM

Subject:
CN=LLC Arctic West, O=LLC Arctic West, STREET=Lviv highway 1, L=Mikolaiv, S=Lvovskaja, PostalCode=81600, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
416057CF015B4832DC973BA203AAB312

File PE Metadata
Compilation timestamp:
8/27/2015 2:03:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x29F543

Entry point:
68, FF, 69, 6C, 08, E8, 8C, A4, EE, FF, DC, 16, 2A, 8E, F5, 75, 02, 28, 8E, 9A, 2F, 54, 2B, 8E, 5C, 5A, 76, EF, 71, 4F, 07, F2, DA, 71, BE, 55, 67, 2E, 8E, 5A, 72, 40, 28, 8E, 83, DE, 1D, D0, 71, F5, 36, A6, D6, 71, 11, 32, 9A, D5, 71, BD, 0B, 55, 2E, 8E, 38, E9, FC, 2A, 8E, 80, 99, 3E, D4, 71, DC, C6, 4C, D5, 71, 20, 6C, 10, 8E, 08, 4A, 3F, C8, 66, 67, 29, 8E, F9, F8, F6, D3, 71, F7, 5E, CE, D6, 71, 85, C0, 2E, 8E, 92, 55, 9C, 29, 8E, B7, 0C, 2A, 8E, 3A, B7, C0, 37, 0E, 06, 2D, 8E, 51, C3, 5C, 28, 8E, 0E...
 
[+]

Entropy:
7.9562  (probably packed)

Code size:
1.2 MB (1,292,288 bytes)

Remove fidic+silver+book_10924_i50711367_il345.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.