home

timati i kristina si - posmotri zaycev net.exe

Online story

The application timati i kristina si - posmotri zaycev net.exe by Online story has been detected as a potentially unwanted program by 10 anti-malware scanners.
Publisher:
Online story  (signed and verified)

MD5:
695835ef3db825a9f660e0b51afd7f44

SHA-1:
f9ab46f4683390e6838dc7f0b0609323847477dd

SHA-256:
dbc5fcfe790a272cde1c27c08878a83571b5380ba56e47ea3be83de008609d36

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 3:54:40 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:LoadMoney-FA [PUP]
160327-1

Dr.Web
Trojan.LoadMoney.451
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Adware.Kazy.464664
11.5.0.6191

ESET NOD32
Win32/AdWare.LoadMoney.OJ application
8.0.319.0

Kaspersky
not-a-virus:HEUR:Downloader.Win32.LMN
15.0.0.562

McAfee
Program.EncLoadMoney
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.217.2259.0

Norman
Gen:Variant.Adware.Kazy.464664
10.04.2016 15:29:17

VIPRE Antivirus
Threat.4657539
48690

File size:
464.1 KB (475,272 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\timati i kristina si - posmotri zaycev net.exe

Digital Signature
Signed by:
Online story

Authority:
Thawte, Inc.

Valid from:
7/15/2014 3:00:00 AM

Valid to:
6/26/2015 2:59:59 AM

Subject:
CN=Online story, OU=Online story, O=Online story, L=Moscow, S=Moscow region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1344520A9BCE2AEAD45E4E26D52C4C48

File PE Metadata
Compilation timestamp:
7/29/2014 9:34:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.10

CTPH (ssdeep):
12288:APAksr5M8zn+/SgaZEiSRM5KHOJQde6w0HV5w:0fU+/FYSOUOmde0HA

Entry address:
0x8150

Entry point:
64, 8B, 35, 30, 00, 00, 00, 0F, B6, 76, 02, 85, F6, 0F, 85, 81, 03, 00, 00, 64, 8B, 1D, 30, 00, 00, 00, 8B, 5B, 0C, 83, C3, 14, 8B, 1B, 8B, 4B, 28, BF, 1A, 00, 00, 00, BE, 6A, D7, A3, 73, 81, C6, C1, 0E, A2, 8C, 46, 8A, 11, 41, 80, FA, 61, 7C, 03, 80, EA, 20, 80, F2, 46, 38, 16, 75, D8, 4F, 75, EA, 8B, 5B, 10, 8B, 7B, 3C, 01, DF, 8B, 7F, 78, 01, DF, 8B, 4F, 18, B8, 45, C6, 11, 36, 05, 03, 20, 34, CA, 89, 08, 8B, 4F, 20, 01, D9, 83, C0, 04, 89, 08, 8B, 4F, 24, 01, D9, 83, C0, 04, 89, 08, 8B, 4F, 1C, 01, D9...
 
[+]

Code size:
378.5 KB (387,584 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.