psafetotalsetup{213-9912065}.exe

Instalador PSafe Total

PSafe Tecnologia S.A.

The executable psafetotalsetup{213-9912065}.exe has been detected as malware by 5 anti-virus scanners. This is a setup program which is used to install the application. This file is typically installed with the program PSafe Antivirus by PSafe Tecnologia. The file has been seen being downloaded from static.psafe.net and multiple other hosts.
Publisher:
PSafe  (signed by PSafe Tecnologia S.A.)

Product:
Instalador PSafe Total

Version:
2.1.0.1186

MD5:
91193e76eb5eaab105650a76f39143bc

SHA-1:
e7bde33fdaa35d8ddf1a13dd97438f92ea7db788

SHA-256:
9bf70b2d1425439936431b51b6459d0cc19a24fb7aad441f77887cfe5368ab6d

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
11/27/2024 2:42:57 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.11445684
538

F-Secure
Trojan.Generic.11445684
11.2015-16-08_1

Kaspersky
HEUR:Trojan.Win32.StartPage
14.0.0.1574

McAfee
Artemis!52E06391FB48
5600.6672

MicroWorld eScan
Trojan.Generic.11445684
16.0.0.684

File size:
27.4 MB (28,723,552 bytes)

Product version:
2.1.0.1186

Copyright:
Copyright (C) 2014

Original file name:
PSafeTotalSetup.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\users\{user}\downloads\psafetotalsetup{213-9912065}.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
1/20/2013 6:00:00 PM

Valid to:
1/26/2015 6:00:00 AM

Subject:
CN=PSafe Tecnologia S.A., O=PSafe Tecnologia S.A., L=Rio de Janeiro, S=Rio de Janeiro, C=BR

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07F79AA9335B794D70779F719061AFF2

File PE Metadata
Compilation timestamp:
6/19/2014 10:33:52 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
393216:0YlMhvXlcG7Ynal7T/08ylyRjnkkt/yXs8kDfdHrH766qg4rk6uCk0sKqqxegcNI:0/LDjnkkMngdH6s4reCk5KqqWsq5c

Entry address:
0x5F093

Entry point:
E8, AB, 93, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, 83, 3D, 58, 28, 4C, 00, 00, 0F, 84, 0D, 97, 00, 00, 83, EC, 08, 0F, AE, 5C, 24, 04, 8B, 44, 24, 04, 25, 80, 7F, 00, 00, 3D, 80, 1F, 00, 00, 75, 0F, D9, 3C, 24, 66, 8B, 04, 24, 66, 83, E0, 7F, 66, 83, F8, 7F, 8D, 64, 24, 08, 0F, 85, DC, 96, 00, 00, EB, 00, F3, 0F, 7E, 44, 24, 04, 66, 0F, 28, 15, D0, 9E, 49, 00, 66, 0F, 28, C8, 66, 0F, 28, F8, 66, 0F, 73, D0, 34, 66, 0F, 7E, C0, 66, 0F, 54, 05, F0, 9E, 49, 00, 66, 0F, FA, D0, 66, 0F, D3, CA, A9, 00, 08, 00...
 
[+]

Entropy:
7.6997

Code size:
606 KB (620,544 bytes)

The file psafetotalsetup{213-9912065}.exe has been discovered within the following program.

PSafe Antivirus  by PSafe Tecnologia
About 2% of users remove it
 
Powered by Should I Remove It?

The file psafetotalsetup{213-9912065}.exe has been seen being distributed by the following 10 URLs.

http://static.psafe.net/total/es/.../PSafeTotalSetup{213-9559262}.exe

http://static.psafe.net/total/es/.../PSafeTotalSetup{213-9685474}.exe

http://static.psafe.net/total/.../PSafeTotalSetup{213-9304810}.exe

Remove psafetotalsetup{213-9912065}.exe - Powered by Reason Core Security