vnsle44a.tmp

The file vnsle44a.tmp has been detected as malware by 3 anti-virus scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. Additionally, the file is typically installed by a number of programs including Remote Desktop Access (VuuPC) by CMI Limited and Eppink by Eppink, both potentially unwanted software. The file has been seen being downloaded from d2vubraihqcany.cloudfront.net and multiple other hosts.
Description:
install

Version:
1.0.0.0

MD5:
591fbd6af1bba434adeffeabf17ec5a8

SHA-1:
35e605c920b7f80f59f665e2941854c062be878b

SHA-256:
aece1bb259bcaf50d3aafc6e8529817326e9062219d9fb4ae4eeda7cd1a7b82e

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
12/24/2024 1:46:30 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM42.0.Malware.Gen
1.0.0.1015

Reason Heuristics
(M)
16.6.17.18

Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF
23.00.65.15222

File size:
337 KB (345,094 bytes)

Product version:
1.0.0.0

Copyright:
(c) 2014

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\00000000-1424782373-0000-0000-001fd09dde9b\vnsle44a.tmp

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:He34lT3WH9Inp2mHkL75+ZPPfnE2Qyn2FEtt2NB6+sahwEAF3Uz4tt2JB6+s1:fTGH9DLF+ZPPfnEUnsEWfXs6/AF3BW7U

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9073

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file vnsle44a.tmp has been discovered within the following programs.

Eppink  by Eppink
62% remove it
Developed and distributed through bundled installer from Click Me In. The software may be bundled by 3rd-party products using the InstallCore distribution platform.
vuupc.com/terms.html
About 82% of users remove it
 
Powered by Should I Remove It?

The file vnsle44a.tmp has been seen being distributed by the following 2 URLs.

Remove vnsle44a.tmp - Powered by Reason Core Security