» mytotaltv_installer_692.exe
Overview
Analysis
File Details
Downloads (1)

mytotaltv_installer_692.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dc762.4shared.com.

File name:

MD5:

2102a693d38cbcb70637746361930291

SHA-1:

96a8dc7810c55b0b2d4ea72763abb1bcf82a3d92

SHA-256:

bc98aca914e43e0b4791149520140c21019e450d0c32a9d0c0704d693aa45f20

Scanner detections:

3 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/16/2024 12:39:35 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

AIT:Trojan.Autoit.CKL

5679422

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.1930

MicroWorld eScan

AIT:Trojan.Autoit.CKL

16.0.0.468

File size:

4.1 MB (4,317,184 bytes)

File type:

Executable application (Win64 EXE)

Language:

English (United Kingdom)

Common path:

C:\users\{user}\downloads\programs\mytotaltv_installer_692.exe

File PE Metadata

Compilation timestamp:

5/31/2015 8:57:10 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

98304:utaDU3lPaBdh3SzzJ/pSaU/tEPoi2ny71:HCsnZSh/pVEqgi+y

Entry address:

0x2C9D4

Entry point:

48, 83, EC, 28, E8, CF, AF, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 10, 41, B9, 02, 00, 00, 00, 33, C9, 45, 8D, 51, FF, 44, 89, 0D, 33, 6A, 0A, 00, 41, 8B, C2, 44, 89, 15, 25, 6A, 0A, 00, 0F, A2, 89, 04, 24, 89, 5C, 24, 04, 89, 54, 24, 0C, 0F, BA, E1, 14, 73, 2B, 44, 89, 0D, 0B, 6A, 0A, 00, C7, 05, 05, 6A, 0A, 00, 06, 00, 00, 00, 0F, BA, E1, 1C, 73, 14, C7, 05, F1, 69, 0A, 00, 03, 00, 00, 00, C7, 05, EB, 69, 0A, 00, 0E, 00, 00, 00, 44, 8B, 05, C0, CF, 0A, 00, 33, C9, B8, 07... 
[+]

Entropy:

7.7404 (probably packed)

Code size:

656.5 KB (672,256 bytes)

The file mytotaltv_installer_692.exe has been seen being distributed by the following URL.

http://dc762.4shared.com/download/.../MyTotalTV_Installer_692.exe

Scan mytotaltv_installer_692.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.