SPINTIRES.exe

WindowsApplication1

The executable SPINTIRES.exe has been detected as malware by 21 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from cluster011.ovh.net.
Publisher:
Microsoft*  (Invalid match)

Product:
WindowsApplication1

Version:
1.0.0.0

MD5:
09125c7a2bd3b5c533c4c91716621bc5

SHA-1:
bea1819f19eddd5856c0b3f3aa869748f6e964a9

SHA-256:
ce10de6e731b8ef06eb289c69ecc62bc871452cf216854c7ee26573cee82af4d

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
11/27/2024 7:45:05 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.419722 | 626 |
| Avira AntiVirus | TR/Kazy.6688256 | 8.3.1.6 |
| avast! | Win32:Malware-gen | 2014.9-150520 |
| AVG | MSIL5 | 2016.0.3104 |
| Bitdefender | Gen:Variant.Kazy.419722 | 1.0.20.700 |
| Bkav FE | HW32.Packed | 1.3.0.6379 |
| Comodo Security | UnclassifiedMalware | 22166 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.419722 | 8.15.05.20.09 |
| ESET NOD32 | MSIL/Surveyer.AK (variant) | 9.11647 |
| F-Prot | W32/S-adf723e1 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Kazy.419722 | 11.2015-20-05_4 |
| G Data | Gen:Variant.Kazy.419722 | 15.5.25 |
| IKARUS anti.virus | Trojan.MSIL.Surveyer | t3scan.1.8.9.0 |
| K7 AntiVirus | Riskware | 13.204.15949 |
| McAfee | Artemis!09125C7A2BD3 | 5600.6760 |
| MicroWorld eScan | Gen:Variant.Kazy.419722 | 16.0.0.420 |
| Norman | Suspicious_Gen4.HJCDX | 11.20150520 |
| Total Defense | Heur/TrojanHorse.ZCFM!suspicious | 37.1.62.1 |
| Trend Micro House Call | TROJ_GEN.R01TC0OLD14 | 7.2.140 |
| Trend Micro | TROJ_GEN.R01TC0OLD14 | 10.465.20 |
| VIPRE Antivirus | Trojan.Win32.Generic | 40352 |

File size:
6.4 MB (6,688,256 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2014

Original file name:
SPINTIRES.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\spintires.exe

File PE Metadata
Compilation timestamp:
7/24/2014 12:09:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
196608:iprp5nHyNIlfMl8p2tE6Lc9B9wRQ5eOltjtU3HYe0:iprfS+S5dLc9B9wu5tjtU370

Entry address:
0x65E3DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, AF, 21, D1, 53, 00, 00, 00, 00, 02, 00, 00, 00, 7E, 00, 00, 00, 1C, 00, 66, 00, 1C, C8, 65, 00, 52, 53, 44, 53, DC, 72, 9E, AC, C7, 2F, DB, 46, 88, D8, 89, 08, 28, 34, A8, 91, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 57, 6F, 6A, 74, 65, 6B, 5C, 44, 6F, 77, 6E, 6C, 6F, 61, 64, 73, 5C, 44, 65, 73, 6B, 74, 6F, 70, 20, 28, 37, 29, 5C, 49, 6E, 73, 74...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6.4 MB (6,669,312 bytes)

The file SPINTIRES.exe has been seen being distributed by the following URL.
