home

MicrosoftSilverlightSetup-26084991.exe

Microsoft Silverlight

Download Assistant

The application MicrosoftSilverlightSetup-26084991.exe has been detected as a potentially unwanted program by 19 anti-malware scanners. The file has been seen being downloaded from analytics.filehostcdn.com.
Publisher:
Download Assistant

Product:
Microsoft Silverlight

Version:
3.0.0.108

MD5:
e19c132174d11bd3656b4af2737676c2

SHA-1:
eec62009f857b49b60527339415bc06d95637b61

SHA-256:
66b2b6740ccc7cbfa1f08a1aec68eefa634e597b5c036702596115312993bc15

Scanner detections:
19 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:
11/27/2024 11:08:23 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Trojan.Heur.JP.8u0@aGe9EZpi
5758984

AhnLab V3 Security
PUP/Win32.Bundler
2015.11.14

Arcabit
Trojan.Heur.JP.EA1B4B
1.0.0.593

Bitdefender
Gen:Trojan.Heur.JP.8u0@aGe9EZpi
1.0.20.1585

Bkav FE
HW32.Packed
1.3.0.7383

Comodo Security
Application.Win32.DownloadAssistant.A
23584

Dr.Web
Trojan.Vittalia.199
9.0.1.05190

Emsisoft Anti-Malware
Gen:Trojan.Heur.JP.8u0@aGe9EZpi
10.0.0.5366

ESET NOD32
Win32/DownloadAssistant.A potentially unwanted application
7.0.302.0

F-Prot
W32/S-60c48de2
v6.4.7.1.166

F-Secure
Gen:Trojan.Heur.JP.8u0@aGe9EZpi
5.15.21

G Data
Gen:Trojan.Heur.JP.8u0@aGe9EZpi
15.11.25

Kaspersky
not-a-virus:HEUR:Downloader.Win32.DownloadAsist
14.0.0.1126

MicroWorld eScan
Gen:Trojan.Heur.JP.8u0@aGe9EZpi
16.0.0.951

NANO AntiVirus
Trojan.Win32.Vittalia.ducmgh
0.30.26.4437

Norman
Gen:Trojan.Heur.JP.8u0@aGe9EZpi
28.10.2015 12:55:53

Panda Antivirus
Trj/Genetic.gen
15.11.13.07

Qihoo 360 Security
QVM20.1.Malware.Gen
1.0.0.1077

Vba32 AntiVirus
Downloader.DownloadAsist
3.12.26.4

File size:
960.2 KB (983,274 bytes)

Product version:
3.0.0.108

Copyright:
(c) Download Assistant

Original file name:
MicrosoftSilverlightSetup-26084991.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
7/13/2015 12:35:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:bKr2ZVFaDqw/ymvhVujGva/7oITd0NM9446dAyRznazUmkXfzK:b+GVFcRymSN/F0NMm4s9agjXbK

Entry address:
0x1288

Entry point:
55, 8B, EC, 83, EC, 14, 53, 56, 57, 6A, 00, FF, 15, 08, 20, 49, 00, 8B, F8, 33, D2, 8B, CF, 8B, 5F, 3C, 03, DF, 89, 5D, FC, 0F, B7, 73, 14, 83, C6, 18, 03, F3, 2B, 05, 1C, 10, 40, 00, 89, 45, F0, 1B, D2, 89, 75, EC, F7, D8, 89, 55, F4, 83, D2, 00, F7, DA, 52, 8B, 93, A0, 00, 00, 00, 50, 8B, 46, 0C, 03, 05, 28, 10, 40, 00, 50, FF, B3, A4, 00, 00, 00, E8, C6, FD, FF, FF, 56, FF, 35, 28, 10, 40, 00, 8B, CF, E8, 42, FF, FF, FF, A1, 20, 10, 40, 00, 83, C4, 18, 83, C6, 28, 83, F8, 01, 76, 18, 56, FF, 35, 2C, 10...
 
[+]

Entropy:
7.0515

Developed / compiled with:
Microsoft Visual C++

Code size:
577 KB (590,848 bytes)

The file MicrosoftSilverlightSetup-26084991.exe has been seen being distributed by the following URL.

http://analytics.filehostcdn.com/v2/click/8t0lhg4x/?d=http://file.org/dl/redir/inst/c4b91587d2cb64d3a397df59365c200a-Silverlight.exe&key=06de71c6c3a682d269fdecafcc8b2b91e36547ca490090370db019f21027fde6&sid=&uid=&affiliate_image=&product_image=http://file.org/.../empty.gif&n=Microsoft Silverlight&filename=MicrosoftSilverlightSetup-26084991

Remove MicrosoftSilverlightSetup-26084991.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.