home

network_routing_algorithms_protocols_and_architectures_solution_manual_downloader.exe

Install

Trash Mount Inc. LLC

The application network_routing_algorithms_protocols_and_architectures_solution_manual_downloader.exe by Trash Mount has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from doc-0k-3o-docs.googleusercontent.com.
Publisher:
ElectroCity Inc  (signed by Trash Mount Inc. LLC)

Product:
Install

Description:
Installer

Version:
1, 0, 1075, 1

MD5:
682479b441edb9619c4dee39bb5e645f

SHA-1:
cec9711b85537084dd111daacbfcd5ca9f3a7d82

SHA-256:
aa92fbc29d6858d880b2a3b232e2a8572dadf4a2916aa18df9e765569295af49

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 4:20:58 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ExpressDownloader (M)
16.8.2.0

File size:
3.7 MB (3,850,392 bytes)

Product version:
2.0.0.1

Copyright:
Copyright(C) 2016

Original file name:
install.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\downloads\network_routing_algorithms_protocols_and_architectures_solution_manual_downloader.exe

Digital Signature
Signed by:
Trash Mount Inc. LLC

Authority:
Trash Mount Inc. LLC

Valid from:
2/10/2016 8:27:53 AM

Valid to:
2/9/2017 8:27:53 AM

Subject:
CN=Trash Mount Inc. LLC, OU=Trash Mount Inc., O=Trash Mount Inc. LLC, S=Liverpool, C=UK

Issuer:
CN=Trash Mount Inc. LLC, C=UK, S=Liverpool, L=Liverpool, E=admin@trashmount.com, OU=Trash Mount Inc., O=Trash Mount Inc. LLC

Serial number:
100001

File PE Metadata
Compilation timestamp:
2/9/2016 6:00:04 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
98304:jjvjjXF/ac/nEf5+oxPOiHByAo0Qc9aaa1K:PjxXnEf5+q2YK1K

Entry address:
0x7DDC55

Entry point:
68, A3, BD, 50, A5, C7, 04, 24, 7F, E4, B7, 5E, E9, 28, 47, FF, FF, F5, 55, 39, D0, 50, 68, 1B, B1, AE, 95, E9, 07, CA, FF, FF, BD, 58, 70, DB, 71, 8D, DD, 09, A7, BE, C7, 8E, 97, 42, 4B, EE, F7, 8A, 93, 42, 13, 9A, 20, 4F, 20, B3, BC, 6F, 78, 1F, A5, B4, BD, 54, 6C, 33, A3, E6, 08, FF, 41, A3, C8, CF, 55, 90, 2D, 83, F8, E5, 4B, A5, 07, AF, 6A, 07, 3D, 97, B5, 15, B3, CA, D3, 8E, A2, E1, DB, 1B, F3, D2, CF, 1D, E6, 89, 68, B1, 86, A7, 1F, DB, 51, 9A, B6, 4A, B3, 86, 1D, 54, 67, 89, 8B, 74, D2, 20, AC, 62...
 
[+]

Entropy:
7.9950  (probably packed)

Code size:
1.2 MB (1,236,480 bytes)

The file network_routing_algorithms_protocols_and_architectures_solution_manual_downloader.exe has been seen being distributed by the following URL.

https://doc-0k-3o-docs.googleusercontent.com/docs/securesc/qtjr5hkrceq9ra7er538jocje1tfp201/s6qkvl5fmcrteqec2oa3rgbmao89d5eb/1455148800000/.../14109145119602712517/0B273q1KnVESdaVRhXzBISzIxMG8?e=download

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.