import_root_cert.exe

LLC

The application import_root_cert.exe by LLC has been detected as adware by 10 anti-malware scanners.
Publisher:
LLC   (signed and verified)

MD5:
f0e161883eaa4820cffa6dbe2c861c9d

SHA-1:
58de1eaec65d9bf2d2693bc600bc71d3a16fb31e

SHA-256:
0a86df9567775bb2a2b9e4d859d3d9fbf4a61cf06815cb13f35c9c9f7e003fbe

Scanner detections:
10 / 68

Status:
Adware

Analysis date:
12/24/2024 4:42:16 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Mabezat [Wrm]
160518-2

AVG
Win32/Mabezat
2015.0.4591

Dr.Web
Trojan.Zadved.409
9.0.1.05190

Emsisoft Anti-Malware
Win32.Worm.Mabezat.Gen
11.5.0.6191

ESET NOD32
Win32/Mabezat.A virus
8.0.319.0

F-Prot
W32/Mabezat.A-2
4.6.5.141

McAfee
Virus.W32/Mabezat.a
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.223.654.0

Norman
Win32.Worm.Mabezat.Gen
28.05.2016 13:03:37

Reason Heuristics
PUP.Amonitize
16.6.4.4

File size:
256.1 KB (262,255 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\contentprotector\import_root_cert.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/14/2016 12:00:00 AM

Valid to:
2/13/2017 11:59:59 PM

Subject:
CN="LLC ""TIMARKO IT""", OU=IT, O="LLC ""TIMARKO IT""", STREET="Vulytsya Lenina, Budynok 33, Korpus A, Ofis", L=Berezanka, S=Mykolayivska, PostalCode=57400, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00AAE91A6E10A17EB04E7058AC5F3C8447

File PE Metadata
Compilation timestamp:
8/3/2012 1:25:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:Z6UV8EAaRUT6bMSOuG3d+tqaIhdnUW9DMa4m8BjuHWiMEmQVnDhq6N4n7gswK3jP:gM6T6bM1p32WGm8WeEmqDDN4n7gsV3jP

Entry address:
0x54EA

Entry point:
BB, F1, AF, D1, 4B, 93, E9, 20, 01, 00, 00, F9, 9F, 02, FE, AA, 2E, 02, FE, 82, 07, 83, 82, 82, 02, 82, 82, 5F, 82, 82, 82, E1, B3, B8, B3, B2, B3, BB, B9, B8, 82, 82, 82, F6, E3, FC, E7, E4, E3, EF, E3, B0, E6, EE, EE, 82, 82, 82, 82, DE, 82, 82, 82, C8, F4, E7, E7, CE, EB, E4, F4, E3, F4, FB, 82, C5, F4, E7, E3, F6, E7, C6, EB, F4, E7, E5, F6, F1, F4, FB, C3, 82, 82, 82, 82, C9, E7, F6, D9, EB, F0, E6, F1, F9, F5, C6, EB, F4, E7, E5, F6, F1, F4, FB, C3, 82, 82, 82, 82, C9, E7, F6, CF, F1, E6, F7, EE, E7...
 
[+]

Code size:
60 KB (61,440 bytes)

Remove import_root_cert.exe - Powered by Reason Core Security