Vistalizator.exe

Vistalizator

www.froggie.sk

The executable Vistalizator.exe, “Language Pack Installer for Vista and Windows 7”, has been detected as malware by 6 anti-virus scanners. It is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from www.froggie.sk.
Publisher:
www.froggie.sk

Product:
Vistalizator

Description:
Language Pack Installer for Vista and Windows 7

Version:
2.7.5.0

MD5:
d09f8f93e2fa7bb82251ee3495e8eabd

SHA-1:
3d6ec1598baf55ab79288d4aaeebdba2a9d88054

SHA-256:
31bc53a417d369ea350364467c3b3b080e6705dd45a61ced66400a9b58de4d58

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
12/28/2024 6:29:10 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:SaliCode | 160708-3 |
| AVG | Win32/Sality | 2015.0.4604 |
| Emsisoft Anti-Malware | Win32.Sality | 11.5.0.6191 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.2396.0 |

File size:
1.2 MB (1,290,546 bytes)

Product version:
2.75

Copyright:
(c) froggie 2008-2016 (www.froggie.sk)

Original file name:
Vistalizator.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\vistalizator.exe

File PE Metadata
Compilation timestamp:
3/25/2016 6:18:33 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:2iqEJ7W1/3L3xmBm6ko9epyn7GJzxDSJt22RAGe5C5+Tt5mJiAas:LkT3Mmfo9epyaJz9SKoilAas

Entry address:
0x4B36B0

Entry point:
0F, BF, F7, C7, C3, BB, DA, 31, 2F, F2, 46, 45, 81, FA, 92, BF, F5, 84, 1B, C3, 24, 19, 86, EA, F2, C7, C5, 8F, 5D, FA, CE, 68, FA, FD, 00, 00, F3, 84, DC, 5F, 81, F0, 00, 37, B6, 54, 81, F7, 5F, 06, 00, 00, 71, 07, 32, F7, F6, C4, 3E, 14, D6, 86, ED, 8D, 1D, 89, 66, CC, 9A, 85, D8, 75, 02, 32, FA, E8, 26, 00, 00, 00, 85, D6, 38, E9, C7, C0, 34, 1D, 6E, 92, 0F, BF, C7, B5, 67, F6, C3, 59, 52, 77, 0A, 01, D1, 18, F5, F7, C2, 2C, B0, 9C, E1, 5B, 8D, 3D, 46, 0D, 9D, F6, 59, 87, D5, 80, F7, 63, C6, C6, D0, 86...
 

Entropy:
7.8081  (probably packed)

Code size:
684 KB (700,416 bytes)

The file Vistalizator.exe has been seen being distributed by the following URL.
