raidcallv7.3.6.exe

Setup

DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI.

The application raidcallv7.3.6.exe by DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC.. STI has been detected as a potentially unwanted program by 10 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from hyperfastdownload.com.
Publisher:
Result  (signed by DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI.)

Product:
Setup

Description:
Result Setup

Version:
2.1.0.0

MD5:
fdc8e56fe58e7ca1ff45337300bad498

SHA-1:
d06c27439267d4fe3092147b06e100f353d8dccd

SHA-256:
e1457a614e7cac2a56b4e64ad5078a39ad2c93ee1c2e86fbf87510a96b595f13

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:30:09 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.Joedown
2015.05.13

Avira AntiVirus
ADWARE/Joedown.476904.1
3.6.1.96

Baidu Antivirus
Adware.MSIL.Joedown
4.0.3.1639

Dr.Web
Trojan.KillFiles.18730
9.0.1.069

ESET NOD32
MSIL/Adware.Joedown (variant)
10.11618

Fortinet FortiGate
Adware/Joedown
3/9/2016

K7 AntiVirus
Unwanted-Program
13.203.15889

McAfee
Artemis!FDC8E56FE58E
5600.6465

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Trend Micro House Call
Suspicious_GEN.F47V0511
7.2.69

File size:
465.7 KB (476,904 bytes)

Product version:
2.1.0.0

Copyright:
Result

Trademarks:
Result

Original file name:
Result.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\raidcallv7.3.6.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/23/2015 3:00:00 AM

Valid to:
3/23/2016 2:59:59 AM

Subject:
CN=DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI., OU=Software, O=DEY YAZILIM İNTERNET HIZMETLERI SAN.VE. TIC. LTD. STI., STREET=KULOGLU MAH.ALYON GECIDI SOK., STREET=no 2 d 2 beyoğlu, L=istanbul, S=istanbul, PostalCode=34433, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
74CFE735D4A9C333262E54F219961F8F

File PE Metadata
Compilation timestamp:
5/11/2015 6:12:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:TS/J1s0ldUmx/bLbYnwch3SoMGsgL7GZOsLa30hTbQoBYU1:TS/J1sGdUmx/bwnwcco/nGZY09h

Entry address:
0x6361E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
390 KB (399,360 bytes)

The file raidcallv7.3.6.exe has been seen being distributed by the following URL.

Remove raidcallv7.3.6.exe - Powered by Reason Core Security