home

jAlbum-install.exe

jAlbum

Jalbum AB

This is a setup and installation application. The file has been seen being downloaded from jalbum.net and multiple other hosts.
Publisher:
Jalbum AB  (signed and verified)

Product:
jAlbum

Description:
Installer for jAlbum

Version:
12.4

MD5:
0a3e569e7654929252061a19e05fb182

SHA-1:
a3ec7b7abdddae223d8471e4bd8ae2ddf0a43e4f

SHA-256:
9e50553a180e472f38d7e7d2780ee8d47605fc8036f11fa173fcf59f57b453aa

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/15/2024 6:51:24 AM UTC  (today)

Scan engine
Detection
Engine version

NANO AntiVirus
Trojan.Win32.DarkKomet.dlllkb
0.30.0.64448

Zillya! Antivirus
Backdoor.DarkKomet.Win32.26240
2.0.0.2038

File size:
112.3 MB (117,726,792 bytes)

Product version:
12.4

Copyright:
Copyright (C) 2015 Jalbum AB

Original file name:
jAlbum-install.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\jalbum-install.exe

Digital Signature
Signed by:
Jalbum AB

Authority:
Trustwave Holdings, Inc.

Valid from:
3/6/2014 5:37:23 AM

Valid to:
3/9/2015 11:37:23 AM

Subject:
C=SE, S=Stockholm, L=Stockholm, O=Jalbum AB, CN=Jalbum AB

Issuer:
E=ca@trustwave.com, CN="Trustwave Code Signing CA, Level 2", O="Trustwave Holdings, Inc.", L=Chicago, S=Illinois, C=US

Serial number:
064059D3F26E3A0A08BC2AA1F1CC8BB20AF922

File PE Metadata
Compilation timestamp:
12/22/2014 5:23:08 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3145728:sVFLRWqzEmWZiLrBHBolk/ALQpUrasizUGu/x0AfD:SFkqfWGWlkXpq3xxL

Entry address:
0x3275E

Entry point:
E8, B9, 9F, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 04, 8B, 4C, 24, 08, F7, C2, 03, 00, 00, 00, 75, 3C, 8B, 02, 3A, 01, 75, 2E, 0A, C0, 74, 26, 3A, 61, 01, 75, 25, 0A, E4, 74, 1D, C1, E8, 10, 3A, 41, 02, 75, 19, 0A, C0, 74, 11, 3A, 61, 03, 75, 10, 83, C1, 04, 83, C2, 04, 0A, E4, 75, D2, 8B, FF, 33, C0, C3, 90, 1B, C0, D1, E0, 83, C0, 01, C3, F7, C2, 01, 00, 00, 00, 74, 18, 8A, 02, 83, C2, 01, 3A, 01, 75, E7, 83, C1, 01, 0A, C0, 74, DC, F7, C2, 02, 00, 00, 00, 74, A4, 66, 8B...
 
[+]

Code size:
281.5 KB (288,256 bytes)

The file jAlbum-install.exe has been seen being distributed by the following 3 URLs.

http://jalbum.net/;jsessionid=1mjhjlyz0oux5s8626q9s34gs?wicket:interface=:1::::

http://download.jalbum.net/download/12.4/Windows/.../jAlbum-install.exe

http://gsf-cf.softonic.com/a3e/c7b/.../jAlbum-install.exe

Scan jAlbum-install.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.