home

installer-emule.exe

eMule-installer

e-Premium Organisation, info@e-premium-download.com

This is a self-extracting archive and installer.
Publisher:
e-Premium Organisation, info@e-premium-download.com

Product:
eMule-installer

Description:
Packaged with Paquet Builder - Freeware edition. Personal use only.

Version:
0.49.2.0

MD5:
88fa64ffeb39b44a03197fe9196e098e

SHA-1:
f99f28ecadfb7e7ad59b1132cbcd33f8ade3beb2

SHA-256:
3e096b4294426464953b584487ca3c783fd7b9e28511041e9bfa291b4407d16b

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/30/2024 10:26:39 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
Suspicious_GEN.F47V0729
7.2.29

Vba32 AntiVirus
suspected of Archive.MailBomb
3.12.26.3

File size:
3.4 MB (3,534,337 bytes)

Product version:
0.49.2.0

Copyright:
e-Premium Creatiel LLC

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\installer-emule.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:N3O+mlyR5whabMEosATOcXSHo3cg8OZLWqH+llUBSv/t3fzEsYpfrVzfpXP:9Ozg5PoWApZqc+ll2c13fzEDpfFf5

Entry address:
0x30F0

Entry point:
55, 8B, EC, 83, C4, F4, B8, B8, 30, 01, 00, E8, 1C, EB, FF, FF, E8, 43, FF, FF, FF, E8, 7E, FF, FF, FF, E8, 15, FE, FF, FF, E8, 30, E6, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
8.5 KB (8,704 bytes)

The file installer-emule.exe has been seen being distributed by the following URL.

ftp://ftp2.abcmulti.com/abcmultic/.../installer-emule.exe

Scan installer-emule.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.