SputnikHelper.exe

Mail.Ru Sputnik Helper

LLC Mail.Ru

The executable SputnikHelper.exe, “Mail.Ru IEBar helper object” has been detected as malware by 1 anti-virus scanner.
Publisher:
Mail.Ru  (signed by LLC Mail.Ru)

Product:
Mail.Ru Sputnik Helper

Description:
Mail.Ru IEBar helper object

Version:
2, 4, 0, 368

MD5:
49adaee922c0f0980afe22c2ff72de10

SHA-1:
e9b55bb38f9c0ee2fe3e4f4e6c87718318e47c08

SHA-256:
4223059608884acbac20fcd8481f605b4724b4067bb4da73447a60b85eb2c75f

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/23/2024 10:33:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
17.2.26.10

File size:
480.7 KB (492,209 bytes)

Product version:
2, 4, 0, 368

Copyright:
Copyright © 2005 - 2011

Original file name:
SputnikHelper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\mail.ru\sputnik\sputnikhelper.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
1/11/2010 5:30:00 AM

Valid to:
1/12/2012 5:29:59 AM

Subject:
CN=LLC Mail.Ru, OU=Secure Application Development, O=LLC Mail.Ru, L=Moscow, S=Moscow region, C=RU

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
18187BCC2DAF1EDD44A2F454900EC5DC

File PE Metadata
Compilation timestamp:
8/1/2011 1:59:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x34FB0

Entry point:
60, E8, 00, 00, 00, 00, 5B, 81, EB, D0, 48, 00, 10, 83, EC, 74, 8B, EC, 8B, 83, AB, 4B, 00, 10, 89, 45, 00, 8B, 83, B3, 4B, 00, 10, 03, 45, 00, 89, 45, 2C, 8B, 83, B7, 4B, 00, 10, 03, 45, 00, 89, 45, 30, C7, 45, 14, 00, 00, 00, 00, C7, 45, 18, 00, 00, 00, 00, C7, 45, 1C, 00, 00, 00, 00, 8B, 45, 14, FF, 45, 14, 66, 33, C9, 8A, 8C, 03, FF, 4B, 00, 10, 84, C9, 74, 7A, 8B, 45, 1C, 66, 01, 4D, 1C, 03, C3, 05, 13, 4C, 00, 10, 50, 8B, 45, 2C, FF, 10, 85, C0, 0F, 84, 5E, 02, 00, 00, 89, 45, 10, 8B, 45, 1C, 03, C3...
 
[+]

Entropy:
6.5268

Packer / compiler:
ASPack v1.08.04

Code size:
291.5 KB (298,496 bytes)

Windows Firewall Allowed Program
Name:
c:\program files (x86)\mail.ru\sputnik\sputnikhelper.exe


Remove SputnikHelper.exe - Powered by Reason Core Security