» openofficesuite-us-setup-organic.exe
Overview
Analysis
File Details

openofficesuite-us-setup-organic.exe

Steakhouse Media

The application openofficesuite-us-setup-organic.exe by Steakhouse Media has been detected as a potentially unwanted program by 11 anti-malware scanners.

File name:

Publisher:

Steakhouse Media (signed and verified)

Product:

Steakhouse Media

Version:

34.8.7.9323

MD5:

30dc7dfd94f95939479f0c6686e05d4d

SHA-1:

a6bc283d91c13917b5b17432a1ae183c701e5eb8

SHA-256:

47f27801cc01324ab30077c8b3a624aad79843b3f26da43b155661850d137c87

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 8:02:16 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Heur.Kelios.1

5711751

Avira AntiVirus

TR/ATRAPS.Gen2

8.3.2.4

Arcabit

Trojan.Kelios.1

1.0.0.629

Bitdefender

Gen:Heur.Kelios.1

1.0.20.1740

Emsisoft Anti-Malware

Gen:Heur.Kelios

10.0.0.5366

F-Secure

Gen:Heur.Kelios.1

5.15.21

G Data

Gen:Heur.Kelios

15.12.25

IKARUS anti.virus

PUA.DownloadAdmin

t3scan.1.9.5.0

MicroWorld eScan

Gen:Heur.Kelios.1

16.0.0.1044

Norman

Gen:Heur.Kelios.1

12.12.2015 20:21:58

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1077

File size:

1 MB (1,071,272 bytes)

Product version:

34.8.7.9323

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\openofficesuite-us-setup-organic.exe

Digital Signature

Signed by:

Steakhouse Media

Authority:

GoDaddy.com, Inc.

Valid from:

12/8/2015 5:55:38 PM

Valid to:

12/8/2016 5:55:38 PM

Subject:

CN=Steakhouse Media, O=Steakhouse Media, L="Oakland ", S=California, C=US

Issuer:

CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

00B6BFBB508E3ADDAC

File PE Metadata

Compilation timestamp:

12/3/2014 2:40:28 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:/JYe132Jb7B7wKOOP0Q3YHRQqvgIqJHrVBQ/8aH0iz+Hb531SX:/6e1ibZwKGB0IiVBQ/LFCHl1q

Entry address:

0x11D6

Entry point:

E8, B5, CE, 00, 00, E9, BF, C7, 00, 00, FF, 25, B0, E2, 4D, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 54, EA, 4D, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 20, E3, 4D, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, C0, E2, 4D, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 14, E3, 4D, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 8C, E3, 4D, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, D0, E2, 4D, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 1C, E3, 4D, 00... 
[+]

Entropy:

7.9716 (probably packed)

Code size:

56.5 KB (57,856 bytes)

Remove openofficesuite-us-setup-organic.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.