installer.exe

Installer

Lite

The executable installer.exe, “Installer Setup”, has been detected as malware by 10 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. It is infected by the Parite virus, a polymorphic file-infecting virus that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from www.centralconecptbits.com.
Publisher:
Lite

Product:
Installer

Description:
Installer Setup

MD5:
8e48d57a07b55d780b80ccf346701a4c

SHA-1:
3a93df40c0d19d34001638249a0670d11167da51

SHA-256:
4c0d65283c4f934ae5fd3b45c82507c18d459c37eae450bed09ae241d2e5904f

Scanner detections:
10 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
11/24/2024 3:58:11 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Parite | 160215-2 |
| Dr.Web | Win32.Parite.2 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Parite | 10.0.0.5366 |
| ESET NOD32 | Win32/Parite.B virus | 8.0.319.0 |
| F-Prot | W32/Parite.B | 4.6.5.141 |
| Kaspersky | Virus.Win32.Parite | 15.0.0.562 |
| McAfee | Virus.W32/Pate.b | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.6622.0 |
| Norman | Win32.Parite.B | 17.02.2016 05:18:35 |
| VIPRE Antivirus | Threat.46249 | 47238 |

File size:
747.5 KB (765,406 bytes)

Product version:
5.7.4

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\documents and settings\a\mes documents\downloads\installer.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:K23UivLH11CtsfkU3tX1W9Sv2X0bigu7tt6l2ErhO01SCagS0/8No:K23xvbPCefkSlwSuX0ugux2TrhbICatS

Entry address:
0x14000

Entry point:
90, 90, BB, 5A, 52, 09, 00, 90, BE, 24, 40, 41, 00, 68, 98, 05, 00, 00, 5A, 90, 90, FF, 34, 32, 31, 1C, 24, 8F, 04, 32, 90, 83, EA, 04, 90, 90, 75, EF, 90, 90, B2, 2F, 08, 00, 5A, 52, 09, 00, 5A, 52, 49, 00, 1A, CE, 09, 00, C2, A5, 01, 00, 84, AF, 01, 00, 5A, E2, 0B, 00, A5, AD, F6, FF, EE, 82, 49, 00, 3E, 80, 49, 00, 26, 80, 49, 00, 5A, 52, 09, 00, 5A, 52, 09, 00, 5A, 52, 09, 00, EE, CE, 09, 00, 38, 80, 09, 00, 20, 80, 09, 00, 5A, 52, 09, 00, 5A, 52, 09, 00, 5A, 52, 09, 00, 5A, 52, 09, 00, 46, 83, 49, 00...
 

Code size:
37 KB (37,888 bytes)

The file installer.exe has been seen being distributed by the following URL.

Remove installer.exe - Powered by Reason Core Security