justin-bieber--pyd-feat.-r.-kelly.exe

Smart Installer

RBMF TECHNOLOGIES LLC

The application justin-bieber--pyd-feat.-r.-kelly.exe by RBMF TECHNOLOGIES has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory.
Publisher:
Smart Installer LLC  (signed by RBMF TECHNOLOGIES LLC)

Product:
Smart Installer

Version:
1.0.3

MD5:
94dd6851d399884cfc869df2b9f180ef

SHA-1:
00b0e6504980a60ab6805eba3a0c4a28af529f8e

SHA-256:
1d5703e463fd63838a2a466a638f2848001b7c606098fd920569ddc952d0e647

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 6:31:45 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.8.14.19

File size:
1.1 MB (1,144,544 bytes)

Product version:
1.0.3

Copyright:
(c) Smart Installer LLC. All rights reserved.

Original file name:
SmartInstaller

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\justin-bieber--pyd-feat.-r.-kelly.exe

Digital Signature
Authority:
Starfield Technologies, Inc.

Valid from:
7/15/2015 1:43:39 PM

Valid to:
5/6/2016 6:02:40 PM

Subject:
CN=RBMF TECHNOLOGIES LLC, O=RBMF TECHNOLOGIES LLC, L=Lewes, S=Delaware, C=US

Issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00F90F6E2AC96F70F3

File PE Metadata
Compilation timestamp:
7/15/2015 7:13:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:TkjoYQPjrlKTCck1c2CwyTUHuUjrhmrJdEt+:QkYCr7e2ET6uTJdEt+

Entry address:
0x26F000

Entry point:
56, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, 50, 0C, 00, 2D, 60, EA, 0C, 10, 05, 57, EA, 0C, 10, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, 13, 2F, FC, 55, 68, 96, 0B, 7F, 6F, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, F9, 6B, 67, 1A, 45, 12, 3A, 87, AC, 17, 5A, 6B, 72, BA, 57, 13...
 
[+]

Code size:
567 KB (580,608 bytes)

Remove justin-bieber--pyd-feat.-r.-kelly.exe - Powered by Reason Core Security