home

installer.exe

SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME

The application installer.exe by SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAOA - ME has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME  (signed and verified)

MD5:
85003c88b7df991ed81582be08d3d815

SHA-1:
ebbe4a1d1395a8379f35256bdda9c8b6b70d3c1d

SHA-256:
8aa326d1332541f874584db1182455e9958b7c0dbfd3054d5467d6eeda2a2bab

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 10:57:46 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SOFTWARECENTERINFORMATICAAME.Installer
16.5.16.18

File size:
5.5 MB (5,761,904 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\installer.exe

Digital Signature
Signed by:
SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME

Authority:
GlobalSign nv-sa

Valid from:
10/20/2015 4:59:00 AM

Valid to:
10/20/2016 4:59:00 AM

Subject:
CN=SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME, OU=TI, O=SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME, L=SAO BERNARDO DO CAMPO, S=SAO PAULO, C=BR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121AA0F08A8D60878BA42D485354A250087

File PE Metadata
Compilation timestamp:
11/17/2015 3:35:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
98304:ePbrHPGPN7Ph2YpvC01PGPNaibVEbHIn+ObUXIMWC8CqrvjThuQzmX7YN9AwVtAv:e0tZ2YpvC0103WHIn+OhBC857mc0wPAv

Entry address:
0x14E0

Entry point:
83, EC, 0C, C7, 05, 98, 33, EF, 00, 00, 00, 00, 00, E8, 3E, 47, 00, 00, 83, C4, 0C, E9, 86, FC, FF, FF, 90, 90, 90, 90, 90, 90, 55, 89, E5, 57, 56, 53, 83, EC, 2C, 8B, 35, 40, 43, EF, 00, C7, 04, 24, 00, 80, 40, 00, FF, D6, 83, EC, 04, 85, C0, 0F, 84, BD, 00, 00, 00, 89, C3, C7, 04, 24, 00, 80, 40, 00, FF, 15, 84, 43, EF, 00, 8B, 15, 44, 43, EF, 00, 83, EC, 04, A3, E0, 33, EF, 00, C7, 44, 24, 04, 13, 80, 40, 00, 89, 1C, 24, 89, 55, E4, FF, D2, 83, EC, 08, 89, C7, 8B, 55, E4, C7, 44, 24, 04, 29, 80, 40, 00...
 
[+]

Code size:
23.5 KB (24,064 bytes)

Remove installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.