install-tl.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from archive.cs.uu.nl and multiple other hosts.
MD5:
545a6bbb28830fd6731de333cddc2c38

SHA-1:
bb85e4199ae342c33b87785ce290ba6cecacb94e

SHA-256:
01a14527fc2391a0090edbdeb11ecba74a347a384db7e743481579f070f04a69

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/26/2024 12:36:24 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Win32.Generic.12DFC3C1!316654529
23.00.65.14208

Trend Micro House Call
TROJ_GEN.F47V0818
7.2.41

File size:
13.2 MB (13,797,133 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\install-tl.exe

File PE Metadata
Compilation timestamp:
5/8/2010 5:11:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
393216:7ubHhn7aCy5i/9d0/57g9cCwkZLnev8UT8:7u92p5iv0h7krwkAvB8

Entry address:
0x4048

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, E8, A7, 58, 00, 00, C7, 04, 24, 01, 80, 00, 00, E8, 0B, 52, 00, 00, 56, C7, 04, 24, 00, 00, 00, 00, E8, DE, 58, 00, 00, A3, 8C, 43, 7A, 00, 53, C7, 04, 24, 08, 00, 00, 00, E8, 26, 32, 00, 00, A3, 3C, 44, 7A, 00, 8D, 85, 84, FE, FF, FF, 51, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A4, B2, 40, 00, E8, 78, 57, 00, 00, 83, EC, 14, C7, 44, 24, 04, A5, B2, 40, 00, C7, 04, 24, 6C, 44...
 
[+]

Code size:
34.5 KB (35,328 bytes)

The file install-tl.exe has been seen being distributed by the following 2 URLs.

Scan install-tl.exe - Powered by Reason Core Security