searcher.exe

The application searcher.exe has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program Searcher. The file has been seen being downloaded from syscos18.ru.
Version:
1.0.0.0

MD5:
dafe53d9c5562fcfa7ae4597d1cb6beb

SHA-1:
f580ce5917a922feea76261f0150ae52b8386c0e

SHA-256:
26475ccb243d79b2df1b01f923c74a5430c574a130e040b53dab0d0e932642ec

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 6:27:07 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Malware-gen | 2014.9-150826 |
| Dr.Web | infected with Trojan.Siggen6.43361 | 9.0.1.05190 |
| ESET NOD32 | Win32/InstallMonstr.CV potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/InstallMonstr | 8/26/2015 |
| McAfee | Artemis!DAFE53D9C556 | 5600.6661 |
| Rising Antivirus | PE:Trojan.Dapato!6.1C47 | 23.00.65.15726 |
| Total Defense | Heur/TrojanHorse.ZCIE!suspicious | 37.1.62.1 |
| VIPRE Antivirus | Trojan.Win32.Generic | 42878 |

File size:
6.6 MB (6,923,562 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\searcher.exe

File PE Metadata
Compilation timestamp:
7/27/2015 3:47:28 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:4heAiuU58dn3Dm+KyDw+R9AvrSvoD26HH:kNpKyBwMjY

Entry address:
0x4D3DD0

Entry point:
55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 58, 46, 8C, 00, E8, 8F, B8, B3, FF, 33, C0, 55, 68, 57, 3E, 8D, 00, 64, FF, 30, 64, 89, 20, 8B, 0D, F4, 43, 8F, 00, A1, 5C, 4B, 8F, 00, 8B, 00, 8B, 15, 2C, EF, 8B, 00, E8, 1D, E3, D0, FF, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 64, 30, B3, FF, 8B, 45, EC, BA, 70, 3E, 8D, 00, E8, 27, 74, B3, FF, 74, 0E, A1, F4, 43, 8F, 00, 8B, 00, E8, 95, D2, FE, FF, EB, 0C, A1, F4, 43, 8F, 00, 8B, 00, E8, C7, D7, FE, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, 5E, 3E, 8D, 00, 8D, 45...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
4.8 MB (5,056,512 bytes)

The file searcher.exe has been discovered within the following program.

Searcher by Searcher
About 1% of users remove it
 

The file searcher.exe has been seen being distributed by the following URL.
