» linkin park feat evanescence bring me back to life.mp3.exe
Overview
Analysis
File Details

linkin park feat evanescence bring me back to life.mp3.exe

Edward Kosar

The application linkin park feat evanescence bring me back to life.mp3.exe by Edward Kosar has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.

File name:

Publisher:

Edward Kosar (signed and verified)

MD5:

082fa36e37e8715771e05f8c0d9b3def

SHA-1:

131c634a7fb69230037ecb8dd1b7702b5444c39a

SHA-256:

440dae6aa03494453e80c2180d2977e7c0498e23fd4d63aaf22da1c8fd339c39

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/27/2024 3:46:05 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.3.12.22

File size:

1.1 MB (1,131,200 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\temp\linkin park feat evanescence bring me back to life.mp3.exe

Digital Signature

Signed by:

Edward Kosar

Authority:

Unizeto Technologies S.A.

Valid from:

6/26/2014 11:45:00 AM

Valid to:

6/26/2015 11:45:00 AM

Subject:

E=edwakos@gmail.com, CN=Edward Kosar, O=Edward Kosar, C=UA

Issuer:

CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

0475B2986B93BD1CFDD9597BD0FB24A9

File PE Metadata

Compilation timestamp:

7/8/2012 3:06:43 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

Entry address:

0x7B01

Entry point:

E8, 06, 34, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 10, 22, 44, 00, E8, 39, 0C, 00, 00, E8, D3, 35, 00, 00, 0F, B7, F0, 6A, 02, E8, 99, 33, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, AB, 04, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.8254

Code size:

240.5 KB (246,272 bytes)

Remove linkin park feat evanescence bring me back to life.mp3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.