» tin9.exe
Overview
Analysis
File Details
Downloads (1)

tin9.exe

InstallMate

Tarma Software Research Ltd

This is a setup and installation application. The file has been seen being downloaded from www.installmate.com.

File name:

tin9.exe

Publisher:

Tarma Software Research Ltd (signed and verified)

Product:

InstallMate

Description:

Installer for InstallMate

Version:

2016.10.1.1027

MD5:

fda719d44cfd2b0dd180d6b93d93e82a

SHA-1:

90d0f893b7bd4788bbdaf433f31784b7c66f75db

SHA-256:

320a249ae4f5d66e446259c40efdfbab227d5a172f290ceee18c8b31aaef84c2

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/24/2024 12:36:03 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Win32.Trojan.WisdomEyes.16070401.9500

4.0.3.17221

Dr.Web

Trojan.Packed

9.0.1.052

Rising Antivirus

Malware.Generic!RyiugAhaGG@3 (thunder)

23.00.65.17219

File size:

5.4 MB (5,645,752 bytes)

Product version:

9.63.0.6119

Original file name:

tin9.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\tin9.exe

Digital Signature

Signed by:

Tarma Software Research Ltd

Authority:

DigiCert Inc

Valid from:

8/21/2014 5:30:00 AM

Valid to:

10/25/2017 5:30:00 PM

Subject:

CN=Tarma Software Research Ltd, O=Tarma Software Research Ltd, L=St Albans, S=Hertfordshire, C=GB, SERIALNUMBER=09173284, OID.1.3.6.1.4.1.311.60.2.1.3=GB, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

02F1131FF1F41A8447B50AC087387AB3

File PE Metadata

Compilation timestamp:

10/1/2016 2:26:01 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x1592

Entry point:

55, 8B, EC, 81, EC, 2C, 06, 00, 00, 53, 56, 57, 33, FF, 66, 89, BD, D4, F9, FF, FF, 89, 7D, F4, 89, 7D, FC, FF, 15, 70, 30, 40, 00, 8B, D8, BE, 04, 01, 00, 00, 56, 8D, 85, E4, FD, FF, FF, 50, FF, 15, 18, 30, 40, 00, 3B, C7, 74, 15, 3B, C6, 73, 11, 8D, 85, E4, FD, FF, FF, 50, FF, 15, 6C, 30, 40, 00, 85, C0, 75, 06, FF, 15, 08, 30, 40, 00, 8D, 45, EC, 50, FF, 15, 68, 30, 40, 00, FF, 15, 64, 30, 40, 00, 8B, F8, F7, D7, 33, FB, FF, 15, 60, 30, 40, 00, 33, F8, 8B, 45, F0, 33, 45, EC, 56, 33, F8, 8D, 85, E4, FD... 
[+]

Entropy:

7.9971

Developed / compiled with:

Microsoft Visual C++

Code size:

8 KB (8,192 bytes)

The file tin9.exe has been seen being distributed by the following URL.

http://www.installmate.com/.../tin9.exe

Scan tin9.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.