partizan _ partisan-torrent.exe

CAPITAL SOFTWARE CONSULTANCY LTD

The executable partizan _ partisan-torrent.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from ec2-52-31-202-8.eu-west-1.compute.amazonaws.com.

Publisher:
CAPITAL SOFTWARE CONSULTANCY LTD (signed and verified)

Version:
1.0.0.0

MD5:
ac209b1d27c232964ee4080587872f95

SHA-1:
581e2816340df71a6c250b04d9fb4263ee4abbe2

SHA-256:
b91992ddc04594c142320c34d99678b8754a263c79f2c663d7e627211b37100a

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/24/2024 2:45:42 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.3.8.15

File size:
2.2 MB (2,278,400 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
COMODO CA Limited

Valid from:
11/10/2015 2:00:00 AM

Valid to:
11/10/2016 1:59:59 AM

Subject:
CN=CAPITAL SOFTWARE CONSULTANCY LTD, O=CAPITAL SOFTWARE CONSULTANCY LTD, POBox=CF23 8SL, STREET=58 Cranbourne Way Pontprennau, L=Cardiff, S=South Glamorgan, PostalCode=CF23 8SL, C=GB

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4125F00DB7D3D769AA161DDC92CC0CB3

File PE Metadata
Compilation timestamp:
12/30/1992 10:26:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xE836F

Code size:
925.5 KB (947,712 bytes)

The file partizan _ partisan-torrent.exe has been seen being distributed by the following URL.

http://ec2-52-31-202-8.eu-west-1.compute.amazonaws.com/api/download/YkoBwMhP0_g/lydCquoNukSRRkvU9U8BCQ/lydCquoNukQcnXGlHKgKCA/.../ATkRL-ClSYRBd412akS7gMhkkxQDV9XhfAWYc-V-AK0RDZ_Hf-8BHToMz-nbC04IPOYrYQXkxuE
