samsung-la40c530f1r.exe

Support and Drivers

TLAPIA

The application samsung-la40c530f1r.exe, “This installer database contains the logic and data required to install Support and Drivers.” by TLAPIA has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from www.drivers-et-pilotes.net.
Publisher:
TLAPIA  (signed and verified)

Product:
Support and Drivers

Description:
This installer database contains the logic and data required to install Support and Drivers.

Version:
1.4.1

MD5:
b1f810b6cb88074f741ac2a78e65c737

SHA-1:
e5b6c9da068baea672b00f04b0ff4da3816f8c2b

SHA-256:
58083193c696418a6af5f3f02b929fa1567308e9e2a954a328587a0b5b7019b3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 12:43:05 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TLAPIA.Installer (M)
16.3.7.12

File size:
4.6 MB (4,816,248 bytes)

Product version:
1.4.1

Copyright:
Copyright (C) Tlapia

Original file name:
DuD.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\samsung-la40c530f1r.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/22/2013 12:00:00 AM

Valid to:
1/22/2014 11:59:59 PM

Subject:
CN=TLAPIA, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TLAPIA, L=Montevideo, S=montevideo, C=UY

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
59F70BE7091286E5251B02778D136FF2

File PE Metadata
Compilation timestamp:
3/21/2013 7:58:24 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:YPGnIyePz6VjGPj+D0z+EeaCRaS8EMJjkUzDMi2jo/PZY5AaDSwE1OMJjkUzDMCe:tyPz6ywExbeEMQ/PxVXeEMT5

Entry address:
0xB07F9

Entry point:
E8, AB, C9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 01, 48, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, CB, EB, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, DD, 47, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A7, EB, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, AE, 47, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 
[+]

Code size:
912.5 KB (934,400 bytes)

The file samsung-la40c530f1r.exe has been seen being distributed by the following URL.

Remove samsung-la40c530f1r.exe - Powered by Reason Core Security