icsw1.23_0c1f1l1g1l1b0r1p2x0s1m1t1c1p1.23.exe

Rolagu

The application icsw1.23_0c1f1l1g1l1b0r1p2x0s1m1t1c1p1.23.exe, “Rolagu Setup”, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source. The setup program uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions.

Product:
Rolagu

Description:
Rolagu Setup

Version:
2.8.1.7

MD5:
b4e9f9c053f69e8ef8bbbde5ad5d2c82

SHA-1:
a018605f64e1b1cfb73e5b0f572ce4b1f50cfa83

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/21/2024 1:08:55 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore (L)

Engine version:
17.3.16.13

File size:
1.3 MB (1,320,274 bytes)

Product version:
3.0

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\icsw1.23_0c1f1l1g1l1b0r1p2x0s1m1t1c1p1.23.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xAA98

Entry point:
60, 1A, C4, 0F, B6, F1, 41, 68, 6D, BD, 54, 00, 68, DD, 03, D8, 00, 25, A5, 90, BF, CE, 0F, B6, F6, 69, D1, B4, A8, 4C, EA, 87, C5, F3, 84, E6, 69, D5, 78, DD, A1, 58, 38, CB, 8D, 3D, EB, 30, 4A, EA, 89, CD, 81, F6, 65, 6E, 00, 00, 8A, E9, 88, E7, B6, 2F, 8D, 35, 7E, F2, B8, EC, 46, 87, C1, 0F, AF, D8, B1, 6B, E8, 12, 00, 00, 00, 3B, CF, 70, 02, 86, F2, 88, E5, 38, E2, 33, E9, F7, C6, D0, 13, 54, 7A, F7, C3, 5B, A8, 9D, B1, F3, EB, 0A, 84, FD, C7, C7, 54, 8E, 44, 17, 84, F5, 89, F2, C6, C7, 1B, 81, ED, B5...

Code size:
40.5 KB (41,472 bytes)