forcause-gemayvirus_nad.exe

Domain Web Developers, LLC

The application forcause-gemayvirus_nad.exe by Domain Web Developers has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Domain Web Developers, LLC  (signed and verified)

Version:
0.9.5.6

MD5:
2a7c9f39e65298d2a0b02f9d0534055d

SHA-1:
2bb5bdeb1bd872f3dbcfa6aed58ebad880b76691

SHA-256:
4c716e10e629c412ceb1cd0bd61feeb70fee35dc64b12aa644f740c1a5ab42f2

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:33:36 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.BrowseForCause (M)

Engine version:
16.11.15.13

File size:
3.9 MB (4,119,912 bytes)

Product version:
1.3.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\forcause-gemayvirus_nad.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
8/12/2013 5:00:00 PM

Valid to:
9/12/2014 4:59:59 PM

Subject:
CN="Domain Web Developers, LLC", O="Domain Web Developers, LLC", L=New Orleans, S=Louisiana, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
59BF5622E40C340025BEF5E89FCD5B0C

File PE Metadata
Compilation timestamp:
8/13/2013 1:27:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:xbS+/xZfSWOysvDt9S9Pr8k4gBbktAtVdRDW0Wi4/Hkq6z2bgLfgL25xT7VGNyVZ:tS+/xVS+gc8OrtXRq07q6SZNyTrD

Entry address:
0x26B8

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, B0, 74, 00, A1, 9F, B0, 74, 00, C1, E0, 02, A3, A3, B0, 74, 00, 52, 6A, 00, E8, 23, 71, 34, 00, 8B, D0, E8, 0E, 5E, 33, 00, 5A, E8, 30, 5D, 33, 00, E8, 5F, 5F, 33, 00, 6A, 00, E8, 5C, 7C, 33, 00, 59, 68, 48, B0, 74, 00, 6A, 00, E8, FD, 70, 34, 00, A3, A7, B0, 74, 00, 6A, 00, E9, 7F, 23, 34, 00, E9, 8E, 7C, 33, 00, 33, C0, A0, 91, B0, 74, 00, C3, A1, A7, B0, 74, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, F0, 00, 00, 00, 0B, C9...
 

Entropy:
6.5790

Code size:
3.3 MB (3,448,832 bytes)
