» prepreinstaller_win.exe
Overview
Analysis
File Details
Downloads (1)

prepreinstaller_win.exe

The application prepreinstaller_win.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from d27bbbjg92voed.cloudfront.net.

File name:

MD5:

6a04652062052abaf119e4f534f9e4a4

SHA-1:

ff3248d8c965127fac299e96c45db136a5cd490b

SHA-256:

0b6c9e43473cc12f9b9a351b4e3f259c3e2877decebc7a43b9d35c00c4378d72

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 3:10:08 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Downloader (M)

16.7.24.16

File size:

8.5 KB (8,704 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\prepreinstaller_win.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

96:9k4IwRgT9euT0n1HUHHHLAHHHHHfQgcQMvXnnn:9rRgRDg10n8nn/QXfn

Entry point:

F4, 3C, 04, 3D, 08, 3D, 18, 3D, 1C, 3D, 20, 3D, 28, 3D, 40, 3D, 50, 3D, 54, 3D, 64, 3D, 68, 3D, 6C, 3D, 70, 3D, 78, 3D, 90, 3D, A0, 3D, A4, 3D, B4, 3D, B8, 3D, BC, 3D, C4, 3D, DC, 3D, EC, 3D, F0, 3D, 00, 3E, 04, 3E, 14, 3E, 18, 3E, 1C, 3E, 24, 3E, 3C, 3E, 4C, 3E, 50, 3E, 60, 3E, 64, 3E, 6C, 3E, 84, 3E, 94, 3E, 98, 3E, A8, 3E, AC, 3E, B0, 3E, B8, 3E, D0, 3E, E0, 3E, E4, 3E, F4, 3E, F8, 3E, FC, 3E, 04, 3F, 1C, 3F, 2C, 3F, 30, 3F, 38, 3F, 50, 3F, 60, 3F, 64, 3F, 74, 3F, 78, 3F, 7C, 3F, 80, 3F, 88, 3F, A0, 3F... 
[+]

The file prepreinstaller_win.exe has been seen being distributed by the following URL.

http://d27bbbjg92voed.cloudfront.net/prepreinstaller_win.exe

Remove prepreinstaller_win.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.