home

installca.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from ru.originaldll.com.
MD5:
eed0e0e131b23cf08756ae7128429048

SHA-1:
e608d64d7b0185a15c93b40c2237eded2a51fede

SHA-256:
bb197631196001a85f61201cab7bbc12c3e7e1ae243e0ee0e215e0080b5ec144

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:15:46 AM UTC  (today)

File size:
1.2 MB (1,304,576 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/20/1992 4:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:cBxG8ihAl+3KdgkB6ntdN+1wHK7xQfEH7u0hlrQaX4jJ:cK9f+gksntdN+1dVvHqEjQJ

Entry address:
0x76E60

Entry point:
55, 8B, EC, 83, C4, F0, B8, 18, 6C, 47, 00, E8, 38, F6, F8, FF, A1, AC, 8A, 47, 00, 8B, 00, E8, 78, 2A, FE, FF, 8B, 0D, A8, 8B, 47, 00, A1, AC, 8A, 47, 00, 8B, 00, 8B, 15, C0, 45, 47, 00, E8, 78, 2A, FE, FF, A1, AC, 8A, 47, 00, 8B, 00, E8, EC, 2A, FE, FF, E8, 4B, D4, F8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
472 KB (483,328 bytes)

The file installca.exe has been seen being distributed by the following URL.

http://ru.originaldll.com/.../40131.exe

Scan installca.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.