home

qmobile noir i6i flash file and usb driver.exe

Standarty IT, TOV

The application qmobile noir i6i flash file and usb driver.exe, “Application downloader” by Standarty IT, TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Files company name  (signed by Standarty IT, TOV)

Description:
Application downloader

Version:
2.1.1.4

MD5:
abdbe6f94427574e376ead2e41a061ae

SHA-1:
702238fefc1dd81583834eae05efaf32ce70f589

SHA-256:
a95b72a31afbfb368bef51473e043265cde3fd486b4bcbcb2d90e6f48a0b9b0d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:34:04 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallMonster (M)
17.3.15.9

File size:
4.3 MB (4,541,632 bytes)

Product version:
2.2.1.18

Copyright:
All right reserved (c)

Trademarks:
Legal TM

Original file name:
AppDownload

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\qmobile noir i6i flash file and usb driver.exe

Digital Signature
Signed by:
Standarty IT, TOV

Authority:
COMODO CA Limited

Valid from:
10/31/2016 5:00:00 PM

Valid to:
3/31/2017 4:59:59 PM

Subject:
CN="Standarty IT, TOV", OU=IT, O="Standarty IT, TOV", STREET="Bud. 109 kv. 01, vul.Zelena", L=Lviv, S=Lvivska, PostalCode=79000, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F9A0B732F6BE25D1CD00F711ACFC1228

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x221E28

Entry point:
55, 8B, EC, 83, C4, DC, 53, 56, 57, 33, C0, 89, 45, E0, 89, 45, E4, 89, 45, E8, B8, F8, 12, 62, 00, E8, 2E, 5D, DE, FF, 33, C0, 55, 68, 32, 22, 62, 00, 64, FF, 30, 64, 89, 20, E8, FF, 12, DE, FF, 33, C0, 55, 68, 19, 1F, 62, 00, 64, FF, 30, 64, 89, 20, E8, 84, 41, E8, FF, 83, C0, 01, 71, 05, E8, 8A, 23, DE, FF, 3D, FE, 00, 00, 00, 7F, 3E, A3, 80, 5D, 6F, 00, E8, 69, 41, E8, FF, 03, 05, 80, 5D, 6F, 00, 71, 05, E8, 6C, 23, DE, FF, 8D, 55, E8, E8, 64, E0, FF, FF, 8B, 55, E8, B8, 78, 5D, 6F, 00, E8, AF, 3A, DE...
 
[+]

Entropy:
7.3399

Developed / compiled with:
Microsoft Visual C++

Code size:
2.1 MB (2,233,344 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.