outdatefighter_web.exe

OUTDATEfighter

SPAMfighter ApS

The executable outdatefighter_web.exe (“OUTDATEfighter Installation Package”) has been detected as malware by 10 anti-virus scanners. The file has been seen being downloaded from www.spamfighter.com.
Publisher:
SPAMfighter ApS

Product:
OUTDATEfighter

Description:
OUTDATEfighter Installation Package

Version:
1.1.94

MD5:
c24d66d6e86a64887c41b890d77f89ff

SHA-1:
1481597e7c6fd25ba0cdbd5af16fa0f6746685d7

SHA-256:
f21065bbfa2766e882eecc1d44c5216ee1004b59780fe1fe62113fe050df7f06

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
11/23/2024 2:22:26 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Sality | 160518-2 |
| AVG | Win32/Sality | 2015.0.4604 |
| Dr.Web | Win32.Sector.30 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Sality | 16.07.08 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| Kaspersky | Virus.Win32.Sality | 15.0.0.562 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.793.0 |
| Norman | Win32.Sality.3 | 19.05.2016 01:04:49 |
| VIPRE Antivirus | Threat.4758034 | 50668 |

File size:
2.1 MB (2,216,328 bytes)

Product version:
1.1.94

Copyright:
Copyright (C) 2012 SPAMfighter ApS

Original file name:
OUTDATEfighterSetup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\outdatefighter_web.exe

File PE Metadata
Compilation timestamp:
4/21/2016 5:12:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:jGV5tHN7vDYyuDpxFfWb52OUTv+wN9kzl6W8uhRz:KvtH1OxFfWb52LhLERz

Entry address:
0x24823

Entry point:
F7, C5, 90, 0E, 1C, 14, F6, D2, 8A, E5, 0F, AF, D5, E8, 00, 00, 00, 00, BB, AC, 7B, F5, A8, 18, C6, 8D, 15, B0, AD, A8, EF, 81, FF, 18, AE, 00, 00, 5D, 0F, C8, 0F, CE, 8D, 05, 95, 87, 6A, 0A, 46, BF, 13, 4A, F1, FF, 81, C7, 4E, AD, 0E, 00, B8, 8F, 18, 80, 8C, 81, F6, 15, 85, 32, F0, B8, 08, 02, CF, 6E, C7, C1, 62, 37, 1B, 79, F7, C1, DB, B5, EF, 41, 8D, 05, 76, EF, F9, FF, 35, 98, 03, 00, 00, 12, CC, 8D, 10, 81, C2, 12, 13, 06, 00, 77, 03, F6, C6, 8F, 8D, 17, 8D, 0D, 5D, 0E, CF, 4F, 81, C2, 46, 0E, 00, 00...
 

Entropy:
7.1280

Code size:
278 KB (284,672 bytes)

The file outdatefighter_web.exe has been seen being distributed by the following URL.
