» off2k7pro_sp2_stub.exe
Overview
Analysis
File Details
Downloads (1)

off2k7pro_sp2_stub.exe

The application off2k7pro_sp2_stub.exe has been detected as a potentially unwanted program by 19 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from downloads.seagate.com.

File name:

MD5:

b707ca0e5f935362120bd33b3a083b39

SHA-1:

e851a7f1594fd7b6fdeac7cf45a29e83b17af035

SHA-256:

6aa0ecb80b0967f7ebd4b5421b624fe2cbea2bbaee00a6d12a8cc6234ac6ca99

Scanner detections:

19 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 1:52:15 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.8587379

380

Agnitum Outpost

Trojan.DL.Genome

7.1.1

Avira AntiVirus

TR/Rogue.8587379

7.11.213.146

Baidu Antivirus

Adware.Win32.Genome

4.0.3.16120

Bitdefender

Trojan.Generic.8587379

1.0.20.100

Comodo Security

UnclassifiedMalware

21299

Dr.Web

Trojan.DownLoader7.48764

9.0.1.020

Emsisoft Anti-Malware

Trojan.Generic.8587379

8.16.01.20.05

F-Secure

Trojan.Generic.8587379

11.2016-20-01_4

G Data

Trojan.Generic.8587379

16.1.25

IKARUS anti.virus

Trojan-Downloader.Win32.Genome

t3scan.1.8.6.0

Kaspersky

Trojan-Downloader.Win32.Genome

14.0.0.786

MicroWorld eScan

Trojan.Generic.8587379

17.0.0.60

NANO AntiVirus

Trojan.Win32.Genome.bkkcyf

0.30.0.296

Norman

Downloader.HDWZ

11.20160120

nProtect

Trojan.Generic.8587379

15.03.05.01

Vba32 AntiVirus

TrojanDownloader.Genome

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

38138

Zillya! Antivirus

Downloader.Genome.Win32.48340

2.0.0.2088

File size:

532.5 KB (545,280 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\off2k7pro_sp2_stub.exe

File PE Metadata

Compilation timestamp:

8/17/2007 2:13:16 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

12288:7x8wwsqzDEE+bqnhiFd1aLIe0JVwwKsqnDkU+:eUqnn+b7FqN0JOkqDkN

Entry address:

0x1000

Entry point:

55, 8B, EC, 81, EC, 7C, 05, 00, 00, 53, 56, 57, BE, 04, 01, 00, 00, 56, 8D, 85, 90, FD, FF, FF, 33, DB, 50, 53, 89, 5D, F4, FF, 15, 38, 20, 40, 00, 56, 8D, 85, 90, FD, FF, FF, 50, 50, FF, 15, 34, 20, 40, 00, 8B, 3D, 30, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 68, 00, 00, 00, 80, 8D, 85, 90, FD, FF, FF, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 82, 01, 00, 00, 8D, 85, 8C, FC, FF, FF, 50, 56, FF, 15, 2C, 20, 40, 00, 8D, 85, 94, FE, FF, FF, 50, 53, 68, 58, 20, 40, 00, 8D, 85, 8C, FC, FF, FF, 50, FF, 15, 28... 
[+]

Entropy:

7.9079

Developed / compiled with:

Microsoft Visual C++

Code size:

1024 Bytes (1,024 bytes)

The file off2k7pro_sp2_stub.exe has been seen being distributed by the following URL.

https://downloads.seagate.com/file_download.php?software_id=1174&download_user_id=306431&license_id=20789

Remove off2k7pro_sp2_stub.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.