home

Janela Fake 2.0 Premium.exe

PiR@DeX

This is a setup program which is used to install the application. The file has been seen being downloaded from dc228.4shared.com.
Publisher:
PiR@DeX

Product:
 

Version:
3.00

MD5:
8e33c15e4812c52cf6d722ee0674ce15

SHA-1:
1b5054c31b7053ee85b203c1b9f3dbfb59ad5fe9

SHA-256:
9b7b9145e5735d74c5d656523cc84e7365b6839ba41a27285f3cda78048f6487

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/6/2024 3:47:53 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/HideProc.ols
8.3.2.4

G Data
Win32.Trojan.VB.AKB
16.1.25

IKARUS anti.virus
Trojan.Win32
t3scan.1.9.5.0

File size:
136 KB (139,264 bytes)

Product version:
3.00

Original file name:
Janela Fake 2.0 Premium.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\janela fake 2.0 premium.exe

File PE Metadata
Compilation timestamp:
2/28/2011 8:35:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:fUgXMxKXYoQ3kIxV/hvyYyzAwqiKs5gZy8hQsazvmIQis9YJIc6Yom+nDa/hUJ7j:6LxzqYCHJ5gVzaSCzJIc6Yom+n8Seg

Entry address:
0x1B2C

Entry point:
68, B0, 35, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, A8, 66, 2A, 53, 8B, 32, 7E, 48, BD, 2C, 0B, D6, C3, BA, D7, 80, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 46, 69, 72, 65, 43, 68, 65, 61, 74, 73, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 20, D6, 0B, A1, FF, D7, B6, 8A, 40, A3, 7A, D9, BD, 9C, B9, 09, 13, 6D, BA, 92, 23, 08, 50, 1A, 4B, AC, 6C, 4A, EF, 93, C3, 4E, 1F, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
124 KB (126,976 bytes)

The file Janela Fake 2.0 Premium.exe has been seen being distributed by the following URL.

http://dc228.4shared.com/download/.../Janela_Fake_20_Premium.exe

Scan Janela Fake 2.0 Premium.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.