home

wot_cheat_money_new.exe

avast! Antivirus

TEKHNOLODZHI SISTEM, OOO

The executable wot_cheat_money_new.exe has been detected as malware by 1 anti-virus scanner. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
AVAST Software  (signed by TEKHNOLODZHI SISTEM, OOO)

Product:
avast! Antivirus

Description:
Smart Installer

Version:
9.0.2021.531

MD5:
8b35f44aa7ab8f2cbb367606aa196796

SHA-1:
c32abefca329ecec66d826a983c8150f3486267a

SHA-256:
917994307287a390f41eb9bfad52be37b14b6016a58809cc071080733b337f00

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 5:08:12 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.11.17

File size:
800 KB (819,168 bytes)

Product version:
9.0.2021.531

Copyright:
Copyright (c) 2013 AVAST Software

Original file name:
AvastUi.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\downloads\wot_cheat_money_new.exe

Digital Signature
Signed by:
TEKHNOLODZHI SISTEM, OOO

Authority:
COMODO CA Limited

Valid from:
3/31/2015 5:00:00 AM

Valid to:
3/31/2016 4:59:59 AM

Subject:
CN="TEKHNOLODZHI SISTEM, OOO", O="TEKHNOLODZHI SISTEM, OOO", STREET="Timura Frunze, 11/56", L=Moscow, S=Moscow province, PostalCode=119034, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2054F9860EFB3367F087514403195B3

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

Entry address:
0x8E1A3

Entry point:
33, C0, 2B, 44, 24, 04, 0F, 85, 79, FF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 8B, 0D, 30, 41, 49, 00, 0F, B6, 09, 80, E9, B0, 8A, C9, 83, E9, 08, 90, 0F, 85, 62, FF, FF, FF, E9, 1F, 26, D5, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
570.5 KB (584,192 bytes)

Remove wot_cheat_money_new.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.