home

OTS.exe

OldTimer Scanner

OldTimer Tools

This is a setup program which is used to install the application. The file has been seen being downloaded from www.geekstogo.com and multiple other hosts.
Publisher:
OldTimer Tools

Product:
OldTimer Scanner

Version:
3.1.47.2

MD5:
700b66bc8b579c3ca00dc36e6e48714c

SHA-1:
ffba4765175e065d4a250812d4492ce08bcb1932

SHA-256:
f8aa534026d31fde2e0e419eb911552be25a79ed8f4b9ddfe28f8d097c017ba5

Scanner detections:
14 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
1/14/2025 10:28:47 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

AVG
Generic30
2015.0.3528

Baidu Antivirus
Trojan.Win32.Swisyn
4.0.3.14322

Bkav FE
HW32.CDB
1.3.0.4959

Comodo Security
UnclassifiedMalware
17905

Fortinet FortiGate
W32/Swisyn.CNEU!tr
3/22/2014

F-Prot
W32/SuspPack.N.gen
v6.4.7.1.166

McAfee
Artemis!700B66BC8B57
5600.7184

Norman
Suspicious_Gen4.BMEZN
11.20140322

Quick Heal
Trojan.Swisyn.cneu
3.14.12.00

Trend Micro House Call
TROJ_HIDEFIL.BMC
7.2.81

Trend Micro
TROJ_HIDEFIL.BMC
10.465.22

Vba32 AntiVirus
Trojan.Swisyn
3.12.24.3

ViRobot
Trojan.Win32.A.Swisyn.646656
2011.4.7.4223

File size:
631.5 KB (646,656 bytes)

Product version:
3.0.0.0

Original file name:
OTS.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\ots.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:76LO5bcOxVWn1JFbXWB7qcFKzln+YgI9TrOskKOvmw1epaieDuXqNSPtjWZ5V:7p5RxGJ1XWYcoln+IhZIm/pasqMjm

Entry address:
0x1000

Entry point:
B8, E8, 9D, 67, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 13, 5F, AC, 93, F6, DA, 0E, 4A, 3E, 62, 1D, 64, 84, 49, A1, B7, 3F, C0, FD, 1C, 14, 0A, AD, 77, 11, D2, DA, EC, 4A, 5B, FE, E7, 49, 6C, 13, 8A, CF, 0A, 76, 44, 8C, E7, 75, 6C, 22, E9, 3C, 43, E7, FE, 78, 10, 09, 4A, 52, 5B, 1B, 27, C8, ED, 69, 81, CA, BA, CB, AE, 8D, DE, 69, E0, D2, 0E, 27, 80, 2E, 94, 73, 9D, 02, FE, B3, 69, 16, 96, 98, 92, E5, 7F, 2A, E8, 53, 81, D9...
 
[+]

Packer / compiler:
PECompact v2

Code size:
2.1 MB (2,151,936 bytes)

The file OTS.exe has been seen being distributed by the following 3 URLs.

http://www.geekstogo.com/forum/files/go/.../ots-oldtimers-system-scanner

http://www.geekstogo.com/forum/files/download/.../

http://oldtimer.geekstogo.com/OTS.exe

Scan OTS.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.