skasat_mini_karta_s_razrusheniya.exe

Internet Explorer

Spektr AITI, TOV

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The application skasat_mini_karta_s_razrusheniya.exe, “Установщик надстроек Internet Explorer” by Spektr AITI, TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Microsoft Corporation  (signed by Spektr AITI, TOV)

Product:
Internet Explorer

Description:
Установщик надстроек Internet Explorer

Version:
11.00.9600.16428 (winblue_gdr.131013-1700)

MD5:
92f70558c3d83562a6bf93827fc59ca5

SHA-1:
b63a70407306657a6bad56905f1266398c930e94

SHA-256:
d0f1c2e3421ecc810b79499b5d666835689cd04af6b47c7b1a5e0bbd4fea2ec5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 6:16:37 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCube (M)
17.1.28.22

File size:
3.5 MB (3,655,208 bytes)

Product version:
11.00.9600.16428

Copyright:
© Корпорация Майкрософт. Все права защищены.

Original file name:
ieinstal.exe.mui

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\skasat_mini_karta_s_razrusheniya.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
12/24/2015 3:00:00 AM

Valid to:
12/24/2016 2:59:59 AM

Subject:
CN="Spektr AITI, TOV", OU=IT, O="Spektr AITI, TOV", STREET="Bud. 30 kv. 292, prospekt Vatutina", L=Kiev, S=Kiev, PostalCode=02189, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3694697EDF9F6EF8FF786FBBAD3234DF

File PE Metadata
Compilation timestamp:
1/10/2016 6:47:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x3520A0

Entry point:
55, 8B, EC, 6A, FF, 68, 78, 9A, 75, 00, 68, 20, 32, 75, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, CC, 70, 75, 00, 33, D2, 8A, D4, 89, 15, 68, A7, 75, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 64, A7, 75, 00, C1, E1, 08, 03, CA, 89, 0D, 60, A7, 75, 00, C1, E8, 10, A3, 5C, A7, 75, 00, 33, F6, 56, E8, CA, 0F, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 95, 0C, 00, 00, FF, 15, B4, 70, 75, 00, A3, 94, AC, 75, 00, E8...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
3.3 MB (3,497,984 bytes)

Remove skasat_mini_karta_s_razrusheniya.exe - Powered by Reason Core Security