» ultraiso sn-core.exe
Overview
Analysis
File Details
Downloads (1)

ultraiso sn-core.exe

The application ultraiso sn-core.exe has been detected as a potentially unwanted program by 22 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s10582.chomikuj.pl.

File name:

MD5:

459c2c947badbd84028018d072996445

SHA-1:

f80cec10cf26f1b3fcb7abed7429a4ec1749c948

SHA-256:

96d3de7df42dc3837e52aec44c17984fd19b248beeb865bf3ea7dc96ebfde7ab

Scanner detections:

22 / 68

Status:

Potentially unwanted

Analysis date:

11/2/2024 5:20:13 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.Agent

7.1.1

AhnLab V3 Security

Win-Trojan/Xema.variant

2014.08.25

Avira AntiVirus

TR/Agent.1378419

7.11.169.54

AVG

Dropper.Generic

2015.0.3363

Bkav FE

W32.Clod29f.Trojan

1.3.0.4959

Comodo Security

ApplicUnwnt.Win32.Keygen.~A

19306

ESET NOD32

Win32/Keygen.AG (variant)

8.10310

Fortinet FortiGate

W32/Malware_fam.NB

9/2/2014

F-Prot

W32/Dropper.BDRU

v6.4.7.1.166

IKARUS anti.virus

not-a-virus.Hacktool.Keygen.UltraISO

t3scan.1.7.5.0

K7 AntiVirus

Trojan

13.183.13139

Malwarebytes

Trojan.Dropper.PGen

v2014.09.02.01

McAfee

Generic.dx!459C2C947BAD

5600.7019

NANO AntiVirus

Trojan.Win32.Agent.dmsrq

0.28.2.61721

nProtect

Trojan/W32.Agent.119808.AJ

14.08.25.01

Rising Antivirus

PE:Trojan.Win32.Generic.129E4697!312362647

23.00.65.14831

Sophos

Mal/Behav-053

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-StartPage

10384

Total Defense

Win32/Tnega.AGVB

37.0.11142

Trend Micro House Call

GRAY_Gen.0Z0707

7.2.245

Trend Micro

GRAY_Gen.0Z0707

10.465.02

VIPRE Antivirus

Trojan-Spy.Win32.Banker.ovo

32526

File size:

117 KB (119,808 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

6/20/1992 4:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

3072:76l1NdWGQTXxCWeLyiGtC5TEE3wLZGWRPbeSLsLiQ/r3t:7UsGQTXaJGt03wLZGSPbeSLsLiQrt

Entry address:

0xFE90

Entry point:

B8, 3C, DD, 49, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 17, 33, 8C, 50, AB, 55, 21, 47, 50, 13, AF, E7, 74, 42, 95, 16, 2A, 34, 5A, 0E, 22, A0, 4D, 9D, 87, E8, 72, BB, 44, 42, 96, 70, 38, 03, 65, DB, A9, BD, 49, 90, 54, 34, AC, 4E, 53, C6, F0, 1C, 4B, 08, FB, 50, 4E, 8F, 3B, 79, C5, 55, 20, D2, F3, 1A, 00, C7, 03, D6, C5, F0, 23, 64, 76, 0C, CD, A9, 58, BD, 04, 3F, FC, A6, A4, B5, F5, 22, 66, 7E, 27, 1E, 45, A0, 7E, C0, D7... 
[+]

Packer / compiler:

PECompact v2

Code size:

61 KB (62,464 bytes)

The file ultraiso sn-core.exe has been seen being distributed by the following URL.

http://s10582.chomikuj.pl/File.aspx?e=N_BDkYZIYIHhWej-4i3W2A_nV0F_5TmThdu70KCjS0W_Pb0KZ3Pef5aRci5oOfWvZKgIdGGB4R7LXgA200trhyveMfFvGZrm8NWS_jW0LsGsYgPJQaEaarHRZGeeG4h2vHtKXlK3CINq5xceK3ANNdRCYfb50WhHwMxcyg0GQLMcTSH2CkUChINpOAl5RJ9m&pv=2

Remove ultraiso sn-core.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.