» paint-the-town-red-v0.3.8-2015-torrent.exe
Overview
Analysis
File Details
Downloads (1)

paint-the-town-red-v0.3.8-2015-torrent.exe

MobileCaller

CAPITAL SOFTWARE CONSULTANCY LTD

The executable paint-the-town-red-v0.3.8-2015-torrent.exe, “Software Setup ” has been detected as malware by 1 anti-virus scanner. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from downloader.disk.yandex.ru.

File name:

Publisher:

Taycoon (signed by CAPITAL SOFTWARE CONSULTANCY LTD)

Product:

MobileCaller

Description:

Software Setup

Version:

1.0

MD5:

273276214ca9bedeb9935c75aed171c3

SHA-1:

eaa855d1910b1a47ae42e5af608e254903a27c23

SHA-256:

e825e358b79ad2bd4f5f3521ef48ff8a5a7ea2e5f3ade44d7be738ca57b233ce

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/24/2024 2:59:20 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.3.14.21

File size:

2.4 MB (2,489,592 bytes)

Product version:

1.0

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

CAPITAL SOFTWARE CONSULTANCY LTD

Authority:

COMODO CA Limited

Valid from:

11/10/2015 2:00:00 AM

Valid to:

11/10/2016 1:59:59 AM

Subject:

CN=CAPITAL SOFTWARE CONSULTANCY LTD, O=CAPITAL SOFTWARE CONSULTANCY LTD, POBox=CF23 8SL, STREET=58 Cranbourne Way Pontprennau, L=Cardiff, S=South Glamorgan, PostalCode=CF23 8SL, C=GB

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

4125F00DB7D3D769AA161DDC92CC0CB3

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x15E9AC

Entry point:

55, 8B, EC, 83, C4, F0, B8, CC, E2, 55, 00, E8, 1C, 88, EA, FF, A1, 9C, 4E, 56, 00, 8B, 00, E8, 38, A4, F0, FF, A1, 9C, 4E, 56, 00, 8B, 00, 33, D2, E8, 36, A0, F0, FF, 8B, 0D, 70, 47, 56, 00, A1, 9C, 4E, 56, 00, 8B, 00, 8B, 15, 74, 74, 55, 00, E8, 2A, A4, F0, FF, 8B, 0D, 7C, 46, 56, 00, A1, 9C, 4E, 56, 00, 8B, 00, 8B, 15, 68, 71, 55, 00, E8, 12, A4, F0, FF, A1, 9C, 4E, 56, 00, 8B, 00, E8, 86, A4, F0, FF, E9, BC, 00, 00, 00, 60, 8B, F6, 03, C0, 8B, 0D, 0C, 84, 56, 00, 90, 0F, B6, 09, 90, 8B, C0, 80, E9, B0... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

1.4 MB (1,432,576 bytes)

The file paint-the-town-red-v0.3.8-2015-torrent.exe has been seen being distributed by the following URL.

https://downloader.disk.yandex.ru/disk/1bc53c8db2a6b0b376b66dfcad991ba74e08d77647ea781801e8a5ecbe5b94be/569bbb8c/.../x-msdownload&fsize=2489592&hid=62ea8593ddf3bbc28b3df0a3a5e90b84&media_type=executable&tknv=v2&etag=273276214ca9bedeb9935c75aed171c3

Remove paint-the-town-red-v0.3.8-2015-torrent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.