tunesup-for-skype-2-0-0-74-beta-en.exe

HLT Hausleittechnik GmbH, Germany

The executable tunesup-for-skype-2-0-0-74-beta-en.exe, “TunesUp 2.0 (Beta) Setup”, has been detected as malware by 20 anti-virus scanners. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from dw4.en.uptodown.com.
Publisher:
HLT Hausleittechnik GmbH, Germany

Description:
TunesUp 2.0 (Beta) Setup

Version:
2.0.0.74

MD5:
42f44948cdc1e09e2488dd0fa7c71550

SHA-1:
72ec28b7caec0d2266eda4b5bfd05a123f065232

SHA-256:
e109add761d8075cc234b85cf20f8febe8c63cb377ed09aa2f18b3f414452493

Scanner detections:
20 / 68

Status:
Malware

Analysis date:
11/16/2024 5:38:44 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Backdoor.Generic.86062 | 493 |
| Agnitum Outpost | Backdoor.Agent | 7.1.1 |
| AVG | BackDoor.Generic13 | 2016.0.2971 |
| Bitdefender | Backdoor.Generic.86062 | 1.0.20.1365 |
| Comodo Security | UnclassifiedMalware | 21248 |
| Emsisoft Anti-Malware | Backdoor.Generic.86062 | 8.15.09.30.11 |
| F-Prot | W32/Backdoor.BYRR | v6.4.7.1.166 |
| F-Secure | Backdoor.Generic.86062 | 11.2015-30-09_4 |
| G Data | Backdoor.Generic.86062 | 15.9.25 |
| IKARUS anti.virus | Backdoor.Win32.SuspectCRC | t3scan.1.8.6.0 |
| McAfee | Artemis!42F44948CDC1 | 5600.6627 |
| MicroWorld eScan | Backdoor.Generic.86062 | 16.0.0.819 |
| NANO AntiVirus | Trojan.Win32.BYRR.bukms | 0.30.0.296 |
| Norman | Suspicious_Gen3.AONP | 11.20150930 |
| nProtect | Backdoor.Generic.86062 | 15.02.27.01 |
| Qihoo 360 Security | Win32/Trojan.Downloader.6c4 | 1.0.0.1015 |
| Sophos | Mal/Generic-L | 4.98 |
| Vba32 AntiVirus | Backdoor.Hupigon | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38008 |
| ViRobot | Backdoor.Win32.S.Agent.2485081[h] | 2014.3.20.0 |

File size:
2.4 MB (2,485,081 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tunesup-for-skype-2-0-0-74-beta-en.exe

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:76dVItoJV03KGS/DHu8iME+n/VnYOqGyXM+1S+SLCxM3JNgR/oCui1XukX4:edasVDGS75E+n/VgrXMMS+Si+gR/V1Xk

Entry address:
0x97F0

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, D6, 98, FF, FF, E8, DD, AA, FF, FF, E8, 00, CD, FF, FF, E8, 47, CD, FF, FF, E8, 3E, F3, FF, FF, E8, A5, F4, FF, FF, 33, C0, 55, 68, 9A, 9E, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 50, 9E, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 5A, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C0, D1, FF, FF, 8B, 55, F0, B8, D4, BD, 40, 00, E8, 87, 99, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, BD, 40, 00, B2, 01, B8...
 

Entropy:
7.9961

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)

The file tunesup-for-skype-2-0-0-74-beta-en.exe has been seen being distributed by the following URL.
