parallel-30.exe

MediaArea.net

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘parallel-6’.
Publisher:
MediaArea.net  (signed and verified)

MD5:
2d73d37faea0c6d4748a7f3ab20e4a27

SHA-1:
3802bdd6849bf2879db60745b8daf5cb6d62ab39

Scanner detections:
4 / 68

Status:
Inconclusive  (probably just false positive detections)

Analysis date:
12/27/2024 2:11:10 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Trojan-gen
160917-0

Dr.Web
Trojan.Nymaim.36
9.0.1.05190

ESET NOD32
Win32/Kryptik.FDXA trojan
6.3.12010.0

Microsoft Security Essentials
Trojan:Win32/Pennelas.B!cl
1.233.3817.0

File size:
938.1 KB (960,624 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\documents and settings\all users\parallel-92\parallel-30.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/16/2011 2:00:00 AM

Valid to:
9/16/2012 1:59:59 AM

Subject:
CN=MediaArea.net, O=MediaArea.net, STREET=Chemin du Vernay, L=Curienne, S=France, PostalCode=73190, C=FR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FB6841B530E64E523F2FCEE41565F123

File PE Metadata
Compilation timestamp:
12/3/2005 9:19:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.201

Entry address:
0x2730

Entry point:
68, E8, 03, 00, 00, 6A, 40, FF, 15, 33, 44, 43, 00, 8B, F8, 66, 0B, C0, 74, 0B, 6A, 21, 50, 6A, 0B, E8, 04, 00, 00, 00, C3, FF, D0, C3, BF, 11, 86, 00, 00, EB, 13, FF, 15, 37, 44, 43, 00, 8B, F0, A3, 8E, 66, 43, 00, A3, 92, 66, 43, 00, 4F, 0B, FF, 75, E9, 8B, EC, 81, EC, 50, 07, 00, 00, 33, C0, 50, FF, 35, 4A, 85, 43, 00, FF, 15, 17, 44, 43, 00, 08, C0, 0F, 85, EB, 25, 00, 00, B9, 0E, DD, 00, 00, 89, 0D, 65, 61, 43, 00, 8B, 1D, CB, 60, 43, 00, 81, EB, 75, 0B, 00, 00, 89, 1D, CB, 60, 43, 00, BB, A7, B7, 00...
 
[+]

Code size:
32 KB (32,768 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
parallel-6

Command:
C:\documents and settings\all users\parallel-92\parallel-30.exe -87


Scan parallel-30.exe - Powered by Reason Core Security