home

tti_6.0_he_downloader.exe

Trend Micro Titanium

Trend Micro, Inc.

This is a setup program which is used to install the application. This is installed with Trend Micro Titanium Maximum Security. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
Trend Micro Inc.  (signed by Trend Micro, Inc.)

Product:
Trend Micro Titanium

Version:
6.0.0.1215

MD5:
6eb196fc9b604bb23e9bf428b55d1d23

SHA-1:
488de89e085fdfd6b77e68dc6251b610fdb88f43

SHA-256:
9a50242a12035a83f462ad1bbba8fcaedb50c477e45bfa2da4e07392863184bf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 4:36:11 AM UTC  (today)

File size:
5.9 MB (6,160,824 bytes)

Product version:
6.0

Copyright:
Copyright (C) 2008 - 2012 Trend Micro Incorporated. All rights reserved.

Trademarks:
Copyright (C) Trend Micro Inc.

Original file name:
7zsfx.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tti_6.0_he_downloader.exe

Digital Signature
Signed by:
Trend Micro, Inc.

Authority:
VeriSign, Inc.

Valid from:
12/27/2011 1:00:00 AM

Valid to:
2/16/2013 12:59:59 AM

Subject:
CN="Trend Micro, Inc.", OU=RD, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Trend Micro, Inc.", L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6326C00EAD256B6837EEB29B5EE84720

File PE Metadata
Compilation timestamp:
7/25/2012 4:06:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:Tt9GHvIF7gcwWJ7z3tJmkgYiuj4A0pHC7Zwfvto+eHn2hJkcBPeUE/41IWGw/:J9GHvIF7gcwQzCkgYiujEtC74SH2hvBP

Entry address:
0x6F3E7

Entry point:
E8, 7B, 63, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, A0, CD, 4A, 00, 75, 02, F3, C3, E9, FB, 63, 00, 00, 8B, C1, 83, 60, 04, 00, 83, 60, 08, 00, C7, 00, 3C, 28, 49, 00, C3, 53, 8B, 5C, 24, 08, 56, 57, 8B, F9, C7, 07, 3C, 28, 49, 00, 8B, 03, 85, C0, 74, 26, 50, E8, 44, 65, 00, 00, 8B, F0, 46, 56, E8, 86, 14, 00, 00, 85, C0, 59, 59, 89, 47, 04, 74, 12, FF, 33, 56, 50, E8, B8, 64, 00, 00, 83, C4, 0C, EB, 04, 83, 67, 04, 00, C7, 47, 08, 01, 00, 00, 00, 8B, C7, 5F, 5E, 5B, C2, 04, 00, 53, 8B, 5C, 24, 08, 56, 8B, F1...
 
[+]

Code size:
572 KB (585,728 bytes)

The file tti_6.0_he_downloader.exe has been discovered within the following program.

Trend Micro Titanium Maximum Security  by Trend Micro Inc.
Publisher's description - “Trend Micro Titanium Maximum Security is all-in-one, easy-to-use protection for everything you and your family do online-email, socialize, bank, browse, shop, and more. It provides you with a friendly interface, simple screens, and clear reports.”
www.trendmicro.com
10% remove it
 
Powered by Should I Remove It?

The file tti_6.0_he_downloader.exe has been seen being distributed by the following 6 URLs.

http://dw.uptodown.com/dwn/TUAzasNXwsGaacD4PuDwvmvWpTa24GjcRUK3QktVbxq8eKfWTb9HipCD1VNdZzy2bSIGVcYhsTE0wPv3vVT4NB6uUaZkRaBN2-JyB0ioMFPTW8Z7Wi4s8iqlhO0FXvh8/Qb6AOme2oRT7_P9oJb1Lee8arW9yKBuAp8EMD1hj3xgwHaC1wO6AMcAcXbMBf9Bf0R2ityeU_d2oi6pl6EWZDHH1HV6nCjAS_ogVI8PPwKCYNBZHo1GhTbP8sDgekMx1/LmcXvlQ3gsmIVN2uSIlsoDQl3HKBpQyv1BW9LCmwl0geFcyrJA-6LEA_9yDnUOEjQI8_SkB_vqtmWEdXT8kz7qg5EvEAdnmcEfM0pr3Zj4I68DMo3Pdj4__e8YT_THA3/.../

http://shop.trendmicro.com.au/.../?retail

http://gr.trendmicro.com/.../NonPayment?Target=SIA_downloader&pid=TE60&FunID=tm.us&locale=EN-US

http://trial.trendmicro.com/myaccount/Ti6.0/SIA/.../TTi_6.0_HE_Downloader.exe

http://gr.trendmicro.com/.../NonPayment?Target=SIA_Downloader_EN&PID=TE60&VID=

http://gr.trendmicro.com/.../NonPayment?Target=SIA_downloader&locale=EN-US&pid=TE60&FunID=

Scan tti_6.0_he_downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.