openoffice_packages.exe

AccuInstall

The application openoffice_packages.exe by AccuInstall has been detected as adware by 6 anti-malware scanners. It uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions.
Publisher:
AccuInstall (signed and verified)

MD5:
9f9e8153444d7ee2c9793237f5204048

SHA-1:
487b3cb92760dad506bcf1bf8fb1e754a1000af1

SHA-256:
373f13434dde59105c668cc09c4c647ffaa2cb67bac2e0723b3cacf4a551f921

Scanner detections:
6 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/15/2024 4:56:38 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | | 7.11.101.242 |
| ESET NOD32 | Win32/InstallCore.AY (variant) | 8.8789 |
| F-Prot | W32/InstallCore.P.gen | v6.4.7.1.166 |
| Reason Heuristics | PUP.AccuInstall.T | 14.12.11.23 |
| Trend Micro House Call | TROJ_GEN.RCBH1K7 | 7.2.258 |
| Vba32 AntiVirus | BScope.Malware-Cryptor.InstallCore.2691 | 3.12.24.0 |

File size:
1 MB (1,084,600 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\openoffice_packages.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
11/6/2011 4:00:00 PM

Valid to:
11/6/2013 3:59:59 PM

Subject:
CN=AccuInstall, O=AccuInstall, STREET=2360 Corporate Circle, STREET=Suite 400, L=Henderson, S=NV, PostalCode=89074, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C7A24A726209072AC474B795FA0984AA

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:XQtJ9XqxXmA9IitwfxG0CN3BbZ6LAXxNcUH5CcTW:QUxXmAiitwkv6LAUeJa

Entry address:
0xCA7A0

Entry point:
55, 8B, EC, 83, C4, F0, B8, AC, 6B, 41, 00, E8, F8, DA, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.8923

Developed / compiled with:
Microsoft Visual C++

Code size:
828 KB (847,872 bytes)
