» ovisetup-01032015230522.exe
Overview
Analysis
File Details
Programs (1)
Downloads (3)

ovisetup-01032015230522.exe

OpenIV

New Technology Studio

File name:

Publisher:

New Technology Studio

Product:

OpenIV

Description:

OpenIV setup

Version:

2.0.0.27

MD5:

004c858868ed76fe9bc860aad2615633

SHA-1:

8e50a387a8fc9522cdbc5b5bfdcf5d465e5fedf3

SHA-256:

19e52198654121f145b9be8204c3c516f93bd4c0e00cdc96544dbbda03ead1c7

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/15/2024 3:24:57 AM UTC (today)

File size:

3.8 MB (4,008,960 bytes)

Product version:

2.0.0.0

Original file name:

ovisetup.exe

File type:

Executable application (Win32 EXE)

Language:

Russian (Russia)

Common path:

C:\users\{user}\appdata\local\temp\ovisetup-01032015230522.exe

File PE Metadata

Compilation timestamp:

2/22/2015 9:16:26 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:/wr7HiGrsSDLTyJ20dtSS0xgR+v1ysaX4X14JlMSmp8TGmWAKaRkBL98E:orLo2bvQsaX4XNmR

Entry address:

0x31C424

Entry point:

55, 8B, EC, 83, C4, EC, 53, 56, 57, 33, C0, 89, 45, EC, B8, 40, F2, 70, 00, E8, 68, 1D, CF, FF, 33, C0, 55, 68, E7, C4, 71, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, AD, C4, 71, 00, 64, FF, 32, 64, 89, 22, A1, C4, E6, 70, 00, E8, EE, 23, FF, FF, A1, C4, E6, 70, 00, E8, DC, 2A, FF, FF, 84, C0, 74, 0C, A1, C4, E6, 70, 00, E8, B6, 29, FF, FF, EB, 27, 68, 04, C5, 71, 00, 6A, 10, 8D, 55, EC, A1, 54, A3, 72, 00, 8B, 00, E8, FA, DB, EC, FF, 8B, 4D, EC, A1, 54, A3, 72, 00, 8B, 00, 33, D2, E8, 11, 8C, ED, FF, 33... 
[+]

Entropy:

6.5674

Developed / compiled with:

Microsoft Visual C++

Code size:

3.1 MB (3,255,808 bytes)

The file ovisetup-01032015230522.exe has been discovered within the following program.

OpenIV by .black/OpenIV Team

openiv.com

About 5% of users remove it

The file ovisetup-01032015230522.exe has been seen being distributed by the following 3 URLs.

q=http://openiv.com/.../guest.php?get=1&redir_token=tLInfwOhLsOUsMX92chVY2IE1Ut8MTQyNTE0NTI5NEAxNDI1MDU4ODk0

http://ntscorp.ru/ovi/.../ovisetup.exe

http://openiv.com/.../guest.php?get=1

Scan ovisetup-01032015230522.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.