tustins native trainer 1.3.1.exe

NextGenUpdate

The executable tustins native trainer 1.3.1.exe, “Tustin's Native Trainer 1.16”, has been detected as malware by 9 anti-virus scanners. The file has been seen being downloaded from download1173.mediafire.com.
Publisher: NextGenUpdate
Description: Tustin's Native Trainer 1.16
Version: 1.0.0.0
MD5: 7832ce102288b2d4bf03770f794e4d2b
SHA-1: 989ce2b0e473a110c09d7aff64c41bfab55234a1
SHA-256: e810c2d0da14655aee004df8f894eb60d6e425ad36c4fc229dc06f76ba8ecd92
Scanner detections: 9 / 68
Status: Malware
Analysis date: 11/23/2024 8:05:35 PM UTC

Scan engine | Detection | Engine version
AegisLab AV Signature | Troj.Generic!c | 2.1.4+
Avira AntiVirus | TR/Dropper.Gen | 8.3.3.4
Comodo Security | UnclassifiedMalware | 25360
IKARUS anti.virus | Trojan.Dropper | t3scan.2.1.6.0
Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.-121
McAfee | Artemis!7832CE102288 | 5600.6333
Panda Antivirus | Generic Suspicious | 16.07.20.02
Qihoo 360 Security | Win32/Trojan.Dropper.b73 | 1.0.0.1120
VIPRE Antivirus | Trojan.Win32.Generic | 50486

File size: 231.5 KB (237,056 bytes)
Product version: 1.0.0.0
Copyright: NextGenUpdate
Original file name: Tustins Native Trainer.exe
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\tustins native trainer 1.3.1.exe

File PE Metadata
Compilation timestamp: 8/30/2014 6:33:03 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
.NET CLR dependent: Yes
CTPH (ssdeep): 6144:3+l2yHPAGA3HXw9Y8hmoQS081RltqWShSG:k2yHIGoC081FkS
Entry address: 0x3366E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Entropy: 7.2386
Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 198 KB (202,752 bytes)

The file tustins native trainer 1.3.1.exe has been seen being distributed by the following URL.
