home

ovisetup.exe

OpenIV

New Technology Studio

This is a setup and installation application. The file has been seen being downloaded from openiv.com.
Publisher:
New Technology Studio

Product:
OpenIV

Description:
OpenIV setup

Version:
1.0.0.0

MD5:
b3a433cc219eebbc74a4848b5a74ad79

SHA-1:
3a94149cb97568b5bd02bb2fb173167d86dd3ec0

SHA-256:
4bd77241acc046f74a964c0afde274a67e3e38aec0bce6de0eabd92b9c13bbc5

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/15/2024 5:31:31 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Trojan/Win32.Genome.N1175437989
3.7.4.14

ViRobot
Trojan.Win32.S.Genome.5465088[h]
2014.3.20.0

File size:
5.2 MB (5,465,088 bytes)

Product version:
1.0.0.0

Copyright:
© New Technology Studio

Original file name:
ovisetup.exe

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\users\{user}\downloads\ovisetup.exe

File PE Metadata
Compilation timestamp:
5/11/2014 3:24:26 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:PuFWOwa7iMEE8C2xKAz9+SaxuQ/Bf+y56XJjGZ6StbA+At9F1TRHqw98rK3JzSMp:aWNMJexKd+yijmGmmSMadxfcjFVpPN

Entry address:
0x3013B4

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, CC, 3C, 6F, 00, E8, 61, CD, D0, FF, 33, D2, 55, 68, F3, 13, 70, 00, 64, FF, 32, 64, 89, 22, A1, 24, E0, 6E, 00, E8, 8D, CD, FE, FF, A1, 24, E0, 6E, 00, E8, 23, D3, FE, FF, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 24, E9, D0, 72, D0, FF, 01, 00, 00, 00, 58, D6, 41, 00, 04, 14, 70, 00, 8B, C8, 33, D2, A1, 24, E0, 6E, 00, E8, 92, D4, FE, FF, E8, DD, 75, D0, FF, 5F, 5E, 5B, E8, 89, 7B, D0, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
3 MB (3,143,680 bytes)

The file ovisetup.exe has been seen being distributed by the following URL.

http://openiv.com/.../guest.php?get=1

Scan ovisetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.