home

internet-explorer_9.0.2_setup.exe

The application internet-explorer_9.0.2_setup.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.findmysoft.com and multiple other hosts.
MD5:
2c56e5e68f40e73d121183bc32ceb5e3

SHA-1:
9d7045082b149fa505f4552f1553bc65102125bf

SHA-256:
1926cbacc63c209bb72f86d89227d408a10788a3c75e225545b329f7cc19259c

Scanner detections:
11 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/17/2024 11:28:30 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.InstallCore
2014.09.02

Avira AntiVirus
ADWARE/InstallCore.Gen
7.11.170.136

AVG
Adware MultiBundle.AC
2014.0.4311

Dr.Web
Adware.InstallCore.80
9.0.1.092

ESET NOD32
Win32/InstallCore.AZ potentially unwanted application
9.7.0.302.0

F-Prot
W32/InstallCore.S.gen
v6.4.6.5.141

herdProtect (fuzzy)
variant of icreinstall_intuix-300-kpixel-webcam-vista_setup.exe (Adware)
2015.7.7.15

K7 AntiVirus
Trojan
13.202.15469

NANO AntiVirus
Riskware.Win32.InstallCore.cwwxyj
0.28.2.61942

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.15331

VIPRE Antivirus
Threat.4788237
32210

File size:
1.2 MB (1,249,912 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\internet-explorer_9.0.2_setup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:quX0eLLrMu0d5CyMoBJwMrmSWgXIEMv8Gfvb79764+84STLMnqTjTN0G:qG0eLLrMu0tMgwMqSWXAGfvb7977Us3N

Entry address:
0xD6390

Entry point:
55, 8B, EC, 83, C4, F0, B8, E0, 6C, 41, 00, E8, C0, D7, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8123

Developed / compiled with:
Microsoft Visual C++

Code size:
869.5 KB (890,368 bytes)

The file internet-explorer_9.0.2_setup.exe has been seen being distributed by the following 2 URLs.

http://www.findmysoft.com/dl/.../internet-explorer_9.0.2_setup.exe

http://www.findmysoft.com/dl/.../internet-explorer_9.0.2_setup.exe

Remove internet-explorer_9.0.2_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.