home

microsoft_excel_sciagnij.pl.exe

Sciagnij.pl

AGORA S.A.

The file microsoft_excel_sciagnij.pl.exe, “Manager pobierania Sciagnij.pl” has been detected as a potentially unwanted program by 22 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.gamecorner.pl.
Publisher:
AGORA S.A.

Product:
Sciagnij.pl

Description:
Manager pobierania Sciagnij.pl

Version:
2.0

MD5:
a0d496c323d47a6092e5626901aa895f

SHA-1:
3e065fa0e131a66e3dc44140043a71604f66f2a4

SHA-256:
d2d1cf5241a3ce4cc8146661530f6f603b7ae51c59295bcd7d0f515b2e20dfc1

Scanner detections:
22 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 2:44:40 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.NW
348

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.Bundler
2015.08.04

Avira AntiVirus
PUA/Sciagnij.AB
8.3.1.6

Arcabit
Application.Bundler.NW
1.0.0.425

avast!
Win32:Malware-gen
2014.9-160222

AVG
BundleApp
2017.0.2826

Baidu Antivirus
PUA.Win32.Sciagnij
4.0.3.16222

Bitdefender
Application.Bundler.NW
1.0.20.265

Clam AntiVirus
Win.Trojan.Bundler-55
0.98/21511

ESET NOD32
Win32/Sciagnij.A potentially unwanted (variant)
10.12039

Fortinet FortiGate
Riskware/Sciagnij
2/22/2016

F-Secure
Application.Bundler.NW
11.2016-22-02_2

G Data
Application.Bundler.NW
16.2.25

IKARUS anti.virus
PUA.Sciagnij
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.207.16775

McAfee
Artemis!A0D496C323D4
5600.6482

MicroWorld eScan
Application.Bundler.NW
17.0.0.159

Panda Antivirus
Trj/Genetic.gen
16.02.22.09

Sophos
Generic PUA DO (PUA)
4.98

Trend Micro
TROJ_GEN.R01TC0OGM15
10.465.22

VIPRE Antivirus
Trojan.Win32.Generic
42608

File size:
2.1 MB (2,164,736 bytes)

Copyright:
AGORA S.A.

Language:
Polish (Poland)

Common path:
C:\users\{user}\downloads\microsoft_excel_sciagnij.pl.exe.part

File PE Metadata
Compilation timestamp:
6/19/2015 12:45:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.21

CTPH (ssdeep):
24576:yj6eugeoST0UvtN+eVHjK7mZIQ45lfRz5D/+ObBWP95xOfMVudkBHcDrQfSFb2zn:seoatN+eJKiCfOwaEQfSnHc

Entry address:
0x7EFAF0

Entry point:
60, BE, 15, 10, 9E, 00, 8D, BE, EB, FF, A1, FF, C7, 87, F4, 0F, 7E, 00, 67, CB, 19, 6C, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
2.1 MB (2,158,592 bytes)

The file microsoft_excel_sciagnij.pl.exe has been seen being distributed by the following URL.

http://www.gamecorner.pl/.../install.servlet?id=10669&systemId=26

Remove microsoft_excel_sciagnij.pl.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.