» outlast-2013pcrepackrus-by-black-beard-skachat-torrent.exe
Overview
Analysis
File Details

outlast-2013pcrepackrus-by-black-beard-skachat-torrent.exe

Операционная система Microsoft Windows

Smart Solyushns Autsorsing, TOV

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable outlast-2013pcrepackrus-by-black-beard-skachat-torrent.exe, “Исполняемый файл для игры "Червы"” has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

Microsoft Corporation (signed by Smart Solyushns Autsorsing, TOV)

Product:

Операционная система Microsoft® Windows®

Description:

Исполняемый файл для игры "Червы"

Version:

6.1.7600.16385 (win7_rtm.090713-1255)

MD5:

7cf669ade263bb558c7cd5858868f640

SHA-1:

79dbada347cffb2ff4e80709182e1328c8100140

SHA-256:

6c0f2e79b2f6d119f1be4992b2b3715fe699ae95ac7599021973b0bea0608f5c

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

12/26/2024 7:11:29 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.3.13.13

File size:

3.6 MB (3,764,272 bytes)

Product version:

6.1.7600.16385

Original file name:

hearts.exe.mui

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\outlast-2013pcrepackrus-by-black-beard-skachat-torrent.exe

Digital Signature

Signed by:

Smart Solyushns Autsorsing, TOV

Authority:

COMODO CA Limited

Valid from:

5/9/2016 4:00:00 AM

Valid to:

5/10/2017 3:59:59 AM

Subject:

CN="Smart Solyushns Autsorsing, TOV", OU=IT, O="Smart Solyushns Autsorsing, TOV", STREET="vul. STARTOVA, 3", L=Dnipropetrovsk, S=Dnipropetrovska, PostalCode=49000, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

22E45A07064500793A1B6A8F63989CD0

File PE Metadata

Compilation timestamp:

3/31/2012 11:40:53 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x717DA

Entry point:

E8, 69, 11, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, A8, FE, 47, 00, E8, 10, 17, 00, 00, E8, 3A, 13, 00, 00, 0F, B7, F0, 6A, 02, E8, FC, 10, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, BB, 08, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Code size:

490 KB (501,760 bytes)

Remove outlast-2013pcrepackrus-by-black-beard-skachat-torrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.