sbornik muzyiki radio hit fm 2015.exe

2007 Microsoft Office system

Inergen

Although the file properties state that the file was developed by 'Microsoft Corporation', this is not the case; the file is designed to look like a legitimate Microsoft system file. The application sbornik muzyiki radio hit fm 2015.exe, “2007 Microsoft Office component” by Inergen, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup program used to install the application. The file has been seen being downloaded from vip-weapon.ru.
Publisher:
Microsoft Corporation  (signed by Inergen)

Product:
2007 Microsoft Office system

Description:
2007 Microsoft Office component

Version:
12.0.6606.1000

MD5:
c6657b8baa5659d1e1a175d3ccaaa694

SHA-1:
90a6827a45cdd3685ea5c0ca12a31b45b3bcd9b2

SHA-256:
0278184594148741ea6cd6fe3475c5818fbc0a8a3cb223f697743eca86fa76bd

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/28/2024 4:20:29 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Inergen (M)

Engine version:
16.6.25.9

File size:
593.5 KB (607,744 bytes)

Product version:
12.0.6606.1000

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
SetLang.Exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/25/2016 3:00:00 AM

Valid to:
5/26/2017 2:59:59 AM

Subject:
CN=Inergen, O=Inergen, STREET="AVENUE VOLGOGRAD, House 93, Building 2, ROOM II ROOM 12,", L=Moscow, S=Moscow, PostalCode=109117, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C9BE03B759B3C958ED3BBFB001506309

File PE Metadata
Compilation timestamp:
6/18/2016 6:18:07 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:fPzEupMvSVQ45CrGhKcWBQM+T+jYc45dNju8SZn243e20e7BnBXrDCAc8Dya1+WQ:4VKSyhdAQMGIqdpzQn2ElNl7cXqfrX27

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, EC, B0, 03, 00, 00, C6, 85, 44, FF, FF, FF, EA, 8B, D2, 8B, 55, 08, 8B, D2, 89, 15, 1C, 19, 49, 00, 89, 2D, FC, 18, 49, 00, C6, 85, 05, FE, FF, FF, ED, A1, 2C, C0, 48, 00, A3, 44, 19, 49, 00, 8B, 0D, 44, 19, 49, 00, 89, 8D, 40, FE, FF, FF, C7, 85, 3C, FE, FF, FF, 00, 00, 00, 00, 68, 48, 19, 49, 00, 8B, 15, 48, 10, 49, 00, 52, 68, 00, 00, 00, 80, FF, 95, 40, FE, FF, FF, 89, 85, 44, FE, FF, FF, 83, BD, 44, FE, FF, FF, 00, 74, 02, CD, 05, C6, 85, 10, FD, FF, FF, 48, E8, 82, 03, 00, 00, A3, 24...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
554.5 KB (567,808 bytes)

The file sbornik muzyiki radio hit fm 2015.exe has been seen being distributed by the following URL.
