vittoz.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.club-positif.com and multiple other hosts.
MD5:
3683da9187eb5a7b361a64ada9836954

SHA-1:
f54e3b36039bfc035bb201b2b8c33a1cab4481a7

SHA-256:
d2780f5e5d1d70e5bf69a5af3e50aa098b5c912b5bdcceea036e6fd31a128a6e

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
1/14/2025 9:50:07 PM UTC

Scan engine | Detection | Engine version
Bkav FE | HW32.Paked | 1.3.0.4959
Quick Heal | (Suspicious) - DNAScan | 10.14.14.00

File size:
794.3 KB (813,336 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\vittoz.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:sqFFoqW06m151JVszea8F6kCTUwFHEPLTok5Rd4K9VI1NUrpsrGgx0EfidGHl:sqT7M8Nw055AK9u1NUrpsJaEF

Entry address:
0x158046

Entry point:
B8, 00, 80, 55, 00, 68, F8, A0, 4F, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 66, 9C, 60, 50, 8B, D8, 03, 00, 68, 74, B5, 06, 00, 6A, 00, FF, 50, 1C, 89, 43, 08, 68, 00, 00, 40, 00, 8B, 3C, 24, 8B, 33, 66, 81, C7, 80, 07, 8D, 74, 1E, 08, 89, 3B, 53, 8B, 5E, 10, 56, 6A, 02, 68, 80, 08, 00, 00, 57, 6A, 31, 6A, 09, 56, 6A, 04, 68, 80, 08, 00, 00, 57, FF, D3, 83, EE, 08, 59, F3, A5, 59, 66, 83, C7, 5C, 81, C6, 9C, 01, 00, 00, F3, A5, FF, D3, 58, 8D, 90, C0, 01, 00, 00, 8B, 0A, 83, C2, 14, 8B...
 

Entropy:
7.9671

Packer / compiler:
PEtite v2.2

Code size:
1001.5 KB (1,025,550 bytes)

The file vittoz.exe has been seen being distributed by the following 4 URLs.

http://www.club-positif.com/vittoz.exe

http://www.cpositif.com/vittoz.exe
