home

skype - 042030_slunecnice.exe

sinstalator

PS Media s.r.o.

This is a setup program which is used to install the application. The file has been seen being downloaded from software.seznam.cz and multiple other hosts.
Publisher:
PS Media s.r.o.  (signed and verified)

Product:
sinstalator

Description:
zaváděcí soubor sinatalátoru

Version:
1.1.0.0

MD5:
8a9f667672ce5e126519288acb495630

SHA-1:
da2575f7d514a8d42f127a18be90f9a7ecaf608c

SHA-256:
eb9378062a3ebe1aa4a514bfc2745d4776075c7f69eb393cb87b50733a381e3e

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/5/2024 9:47:13 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Trojan/Win32.VB
14.03.26

ESET NOD32
Win32/sInstalator
8.9592

McAfee
Artemis!8A9F667672CE
5600.7180

File size:
662.6 KB (678,528 bytes)

Product version:
1.1.0.0

Copyright:
PS Media s.r.o.

Original file name:
sinstalator.exe

File type:
Executable application (Win32 EXE)

Language:
Czech

Common path:
C:\users\{user}\downloads\skype - 042030_slunecnice.exe

Digital Signature
Signed by:
PS Media s.r.o.

Authority:
COMODO CA Limited

Valid from:
8/3/2012 2:00:00 AM

Valid to:
8/4/2014 1:59:59 AM

Subject:
CN=PS Media s.r.o., O=PS Media s.r.o., STREET=Oldrichovice 738, L=Trinec, S=CZ, PostalCode=73961, C=CZ

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A90261CA9C587C49C5A80CEBA70DE141

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:Am+7e0YeY+DQZO0TYeBq42zKk0vf5Ik947DDRGqqNWp:A/JA+DQZO0TY34n5dC/cqSWp

Entry address:
0x86C90

Entry point:
55, 8B, EC, 83, C4, F0, B8, 28, 69, 48, 00, E8, 58, F8, F7, FF, A1, AC, 93, 48, 00, 8B, 00, E8, F4, E8, FC, FF, A1, AC, 93, 48, 00, 8B, 00, BA, F0, 6C, 48, 00, E8, F3, E4, FC, FF, 8B, 0D, 44, 92, 48, 00, A1, AC, 93, 48, 00, 8B, 00, 8B, 15, F4, 44, 48, 00, E8, E3, E8, FC, FF, A1, AC, 93, 48, 00, 8B, 00, E8, 57, E9, FC, FF, E8, 2E, D7, F7, FF, 00, 00, FF, FF, FF, FF, 0B, 00, 00, 00, 53, 49, 6E, 73, 74, 61, 6C, E1, 74, 6F, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
535.5 KB (548,352 bytes)

The file skype - 042030_slunecnice.exe has been seen being distributed by the following 19 URLs.

http://software.seznam.cz/package?filename=Adobe Flash Player - 053_slunecnice.exe

http://software.seznam.cz/package?filename=Adobe Reader - 049030_slunecnice.exe

http://software.seznam.cz/package?filename=WinRAR - 024030.exe

http://software.seznam.cz/package?filename=AVG AntiVirus FREE - 056030_slunecnice.exe

http://software.seznam.cz/package?filename=OpenOffice - 055030_slunecnice.exe

http://software.seznam.cz/package?filename=VLC media player - 050_slunecnice.exe

http://software.seznam.cz/package?filename=WinRAR - 051030_slunecnice.exe

http://software.seznam.cz/package?filename=Skype - 005030.exe

http://software.seznam.cz/package?filename=Adobe Reader - 049_slunecnice.exe

http://software.seznam.cz/package?filename=WinRAR - 024.exe

http://software.seznam.cz/package?filename=Adobe Flash Player - Adobe Reader - IrfanView - 027008028030.exe

http://software.seznam.cz/package?filename=Mozilla Firefox - 003030.exe

http://software.seznam.cz/package?filename=Firefox - 048030_slunecnice.exe

http://software.seznam.cz/package?filename=Adobe Flash Player - 053030_slunecnice.exe

http://software.seznam.cz/package?filename=Mozilla Firefox - 003.exe

http://software.seznam.cz/package?filename=Avg - 026.exe

http://software.seznam.cz/package?filename=Adobe Reader - 008030.exe

http://software.seznam.cz/package?filename=Skype - 005.exe

http://software.seznam.cz/package?filename=AVG AntiVirus FREE - 056_slunecnice.exe

Scan skype - 042030_slunecnice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.