InternetInstaller.exe

InternetInstaller

Mail.Ru

This is a self-extracting archive and installer. The file has been seen being downloaded from storage.icq.com.
Publisher:
Mail.Ru

Product:
InternetInstaller

Description:
Installer for the "Internet" browser with Mail.Ru services (original string: Установщик браузера Интернет с сервислами Mail.Ru)

Version:
1, 0, 0, 138

MD5:
30f67c76f343bf2587d1db4eeb7120b5

SHA-1:
5f74fdb98560a05a8cccc820ac6bba6e17f2bcb7

SHA-256:
4bd0a11ed60f9837c48b24a346a99ebf3ca826a1c2380c2d524a12dc11a0013c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
12/26/2024 1:15:45 AM UTC

Scan engine:
Trend Micro House Call

Detection:
TROJ_GEN.RCEH1H6

Engine version:
7.2.201

File size:
23.5 MB (24,689,664 bytes)

Product version:
1, 0, 0, 138

Copyright:
Copyright 2011

Original file name:
InternetInstaller.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\internetinstaller.exe

File PE Metadata
Compilation timestamp:
4/2/2012 6:13:38 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:TqJXWuM/JJ/nQBclgVlxLgV9DGhE/Jyf6hPBWrIdXyelkE4/TvaPwcsqRxxXfLel:UXoz/QBYgQDGhE/o6bWrIpyelkhLmnXL

Entry address:
0x15982C

Entry point:
E8, 0A, C8, 00, 00, E9, 79, FE, FF, FF, 75, 01, C3, 55, 8B, EC, 83, EC, 00, 50, 52, 53, 56, 57, 6A, 00, FF, 75, 04, E8, 2E, CB, 00, 00, 59, 59, 5F, 5E, 5B, 5A, 58, 8B, E5, 5D, C3, 8B, FF, 55, 8B, EC, 51, 51, 53, 56, 8B, F2, 33, DB, 39, 1E, 8B, D1, 89, 55, F8, 89, 5D, FC, 7E, 3F, 57, BF, CC, CC, CC, CC, 8B, 46, 04, 03, C3, 8B, 08, 39, 7C, 11, FC, 75, 0A, 8B, 40, 04, 03, C1, 39, 3C, 10, 74, 14, 8B, 46, 04, FF, 74, 18, 08, FF, 75, 04, E8, 19, CB, 00, 00, 8B, 55, F8, 59, 59, FF, 45, FC, 8B, 45, FC, 83, C3, 0C...
 

Code size:
1.5 MB (1,573,376 bytes)

The file InternetInstaller.exe has been seen being distributed by the following URL.
