my-summer-car-5795-torrent.exe

INTIS

The application my-summer-car-5795-torrent.exe by INTIS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from downloader.disk.yandex.ru.
Publisher:
INTIS  (signed and verified)

MD5:
37ed33e1893da81045c302f541cd1ae9

SHA-1:
49c0e88b15c0369fd2640a9b83d6de48dd41c39a

SHA-256:
53b42409dc5beee4dd7ae9452cfdffb9f5cb0f49e5ca1dff12c6860067cfeda2

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 2:13:00 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FileTour (M)

Engine version:
17.3.4.3

File size:
2.1 MB (2,235,848 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\my-summer-car-5795-torrent.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/16/2016 3:00:00 AM

Valid to:
4/17/2017 2:59:59 AM

Subject:
CN=INTIS, O=INTIS, STREET="Prospekt 40-letija Pobedy, 69, 1, 8", L=Rostov-Na-Donu, S=RU, PostalCode=344072, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E0D42565A341BEBE1BAFBF6CA79F6420

File PE Metadata
Compilation timestamp:
11/9/1987 6:16:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

Entry address:
0x205001

Entry point:
E9, F1, 03, 00, 00, EC, FF, E0, E9, 84, 18, 00, 00, BA, 6C, 2D, BF, D8, D8, FF, 68, 02, 53, 60, 00, C3, 77, 16, 85, 0F, BA, E8, B2, 68, 41, 07, B0, A3, 9C, 81, 44, 24, 04, 88, 5A, B0, 5C, 9D, C3, FA, 53, F5, 3F, 68, 2D, 63, 60, 00, 9C, FF, 4C, 24, 04, 9D, C3, 74, 14, 68, 3A, E5, 86, 55, 9C, 81, 6C, 24, 04, FE, 8D, 26, 55, 9D, C3, 90, E9, 84, 0E, 00, 00, CC, D5, E9, 83, 11, 00, 00, FF, 77, 81, E9, A1, 18, 48, FF, 68, A2, B0, 11, 25, 9C, 81, 6C, 24, 04, A6, 5A, B1, 24, 9D, C3, 38, 1D, CB, B9, B5, 0F, 89, FF...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
2 MB (2,079,744 bytes)

The file my-summer-car-5795-torrent.exe has been seen being distributed by the following URL.

https://downloader.disk.yandex.ru/disk/89b48931d795439ab4b69853a021cdf90df59be142d2aa104924e2db3a06dd37/576d74da/.../x-msdownload&fsize=2235848&hid=de3bb6841d3c97eb4b36fea92e7d0945&media_type=executable&tknv=v2&etag=37ed33e1893da81045c302f541cd1ae9
