» installer.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

installer.exe

Installer B1 Free Archiver

Catalina Group Ltd

The application installer.exe by Catalina Group has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program B1 Free Archiver by Catalina Group Ltd. This file is typically installed with the program B1 Free Archiver by Catalina Group Ltd.

File name:

installer.exe

Publisher:

http://b1.org/ (signed by Catalina Group Ltd)

Product:

Installer B1 Free Archiver

Version:

2, 6, 27, 0

MD5:

dd7f8460f0d0df0a80a958fe4498468a

SHA-1:

224be89f44d4acaf96ee0c0f695ac70a0100914c

SHA-256:

cff6500a2e65d558a3b5a1b39f917e324d4a5cb8b35a778a122f60e118751d2b

Scanner detections:

6 / 68

Status:

Potentially unwanted

Analysis date:

11/27/2024 12:34:55 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

PUA/4Shared.Gen4

8.3.1.6

Dr.Web

Adware.Downware.10841

9.0.1.0206

Emsisoft Anti-Malware

Backdoor.Bot.135374

8.15.08.26.06

Reason Heuristics

PUP.Catalina.CatalinaGroup.Installer (M)

15.7.25.6

Rising Antivirus

PE:PUF.4Shared!1.9C25

23.00.65.15824

Trend Micro House Call

TROJ_GEN.F47V0111

7.2.238

File size:

26.9 MB (28,180,280 bytes)

Product version:

2, 6, 27, 0

Original file name:

Installer

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\b1 free archiver\installer.exe

Digital Signature

Signed by:

Catalina Group Ltd

Authority:

Catalina Group Ltd

Valid from:

4/16/2015 6:53:24 AM

Valid to:

12/31/2039 6:59:59 PM

Subject:

CN=Catalina Group Ltd

Issuer:

CN=Catalina Group Ltd

Serial number:

F16F6DA8DF8C458545A6335860591E9C

File PE Metadata

Compilation timestamp:

5/21/2015 7:22:09 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

786432:Kvj5Q4yAO/Uu1hIBZby/+EExMD119R8dcTMnGGP:WQ4yrbhIbbnxMh19RKGGP

Entry address:

0x5B26A

Entry point:

E8, 9F, DA, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04... 
[+]

Entropy:

7.9657 (probably packed)

Code size:

470 KB (481,280 bytes)

Program Uninstaller

Program name:

B1 Free Archiver

Display publisher:

Catalina Group Ltd

Display version:

0.0.0.0

Uninstall string:

"C:\Program Files\B1 Free Archiver\installer.exe" "C:\Program Files\B1 Free Archiver\uninstall.xml"

The file installer.exe has been discovered within the following program.

B1 Free Archiver by Catalina Group Ltd

About 5% of users remove it

Remove installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.