» skachat-rozyrozbl.rar-rozyrozbl.rar-s-letitbit.net-bez-re.exe
Overview
Analysis
File Details

skachat-rozyrozbl.rar-rozyrozbl.rar-s-letitbit.net-bez-re.exe

Загрузчик

GRAND MEDIA LLC

The executable skachat-rozyrozbl.rar-rozyrozbl.rar-s-letitbit.net-bez-re.exe has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

Корпорация (signed by GRAND MEDIA LLC)

Product:

Загрузчик

Version:

2.5.0.0

MD5:

719a4adc48cc887ef5dcb5817d8d1e48

SHA-1:

71372839a7408e244db1983b78258823b33e4dcc

SHA-256:

0088c0b39f1c09d4abd2887c9e482d4117739343c446fcbfb7b988d8a4bbfa73

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

12/27/2024 10:02:26 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.3.15.6

File size:

3 MB (3,109,584 bytes)

Product version:

2.5.0.0

Original file name:

dls.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\skachat-rozyrozbl.rar-rozyrozbl.rar-s-letitbit.net-bez-re.exe

Digital Signature

Signed by:

GRAND MEDIA LLC

Authority:

COMODO CA Limited

Valid from:

3/12/2015 3:00:00 AM

Valid to:

3/12/2016 2:59:59 AM

Subject:

CN=GRAND MEDIA LLC, O=GRAND MEDIA LLC, STREET="office 4, 74, Velyka Arnautska street", L=Odesa, S=Odeska, PostalCode=65045, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

6DB4D6451840481B470CABBD55471AA0

File PE Metadata

Compilation timestamp:

11/1/2015 4:10:29 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x1000

Entry point:

B8, 3C, A8, C5, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, C4, 99, 07, 32, 67, 17, FA, DD, C6, 46, 18, 3C, 50, FF, 07, 60, 1A, FB, 74, 10, 5A, 3C, 75, C7, AE, 1A, 1A, 8B, 5E, 96, 71, 24, 16, 60, 41, 5F, 71, AE, 53, 03, 93, F0, B5, A0, 0F, AB, 68, 5B, CB, D1, 6E, D5, EF, E3, D8, 85, E5, C6, 75, 22, C5, BA, B4, ED, CE, F9, 61, DB, C1, 49, 42, 1C, 9B, 38, C6, F0, 3F, 5E, 58, 4A, 75, 97, 6D, 43, E2, 99, 02, FC, 1D, 9E, 6E, 95, 24... 
[+]

Packer / compiler:

PECompact v2

Code size:

6.1 MB (6,347,264 bytes)

Remove skachat-rozyrozbl.rar-rozyrozbl.rar-s-letitbit.net-bez-re.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.