» yarost 2014 dt dvdscr 1400mb.exe
Overview
Analysis
File Details
Downloads (1)

yarost 2014 dt dvdscr 1400mb.exe

Installer Plugin

Alexander Roshal

The application yarost 2014 dt dvdscr 1400mb.exe has been detected as a potentially unwanted program by 28 anti-malware scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from bolnica-v-gorode.ru.

File name:

Publisher:

Alexander Roshal

Product:

Installer Plugin

Version:

3.92.0

MD5:

59bbace9216a93c4c09130ed642df767

SHA-1:

8831794a72d72dc7b4e117a50bfb2d9e4435187d

SHA-256:

49dbe7a3ca02a1a13859d0ac74eed2ae5b8fb1342711aa2a67c99a3390deaf60

Scanner detections:

28 / 68

Status:

Potentially unwanted

Analysis date:

11/16/2024 10:27:25 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Heur.FKP.1

5763971

AhnLab V3 Security

PUP/Win32.LoadMoney

2015.07.08

Avira AntiVirus

TR/Dropper.Gen

8.3.1.6

Arcabit

Trojan.FKP.1

1.0.0.425

avast!

Win32:Installer-U [PUP]

150602-1

AVG

Win32/Cryptor

2015.0.4355

Bitdefender

Gen:Heur.FKP.1

1.0.20.940

Clam AntiVirus

Win.Trojan.Agent-823428

0.98/20656

Comodo Security

Application.Win32.Loadmoney.UDA

22695

Dr.Web

Trojan.LoadMoney.336

9.0.1.05190

Emsisoft Anti-Malware

Gen:Heur.FKP

10.0.0.5366

ESET NOD32

Win32/Adware.LoadMoney.ACX application

7.0.302.0

F-Prot

W32/Plocust.B2.gen

v6.4.7.1.166

F-Secure

Gen:Heur.FKP.1

5.14.151

G Data

Gen:Heur.FKP

15.7.25

IKARUS anti.virus

not-a-virus:Downloader.Plocust

t3scan.1.9.5.0

K7 AntiVirus

Unwanted-Program

13.205.16489

Kaspersky

not-a-virus:Downloader.Win32.Plocust

15.0.0.543

Malwarebytes

PUP.Optional.LoadMoney

v2015.07.07.07

McAfee

Program.Packed-CQ

17.6.569.0

Microsoft Security Essentials

Threat.Undefined

1.201.1110.0

MicroWorld eScan

Gen:Heur.FKP.1

16.0.0.564

NANO AntiVirus

Trojan.Win32.LMN.dkorst

0.30.24.2487

Norman

Gen:Heur.FKP.1

07.07.2015 03:10:29

Panda Antivirus

Trj/Genetic.gen

15.07.07.07

Rising Antivirus

PE:Malware.XPACK-HIE/Heur!1.9C48

23.00.65.15705

Sophos

Virus 'Troj/LdMon-J'

5.15

VIPRE Antivirus

Threat.4657539

40786

File size:

523.5 KB (536,064 bytes)

Original file name:

Installer Plugin.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\yarost 2014 dt dvdscr 1400mb.exe

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:nVmMfmySkqhfPHzCIMQkyT4+vw//4yt/rYmVRFenIe6:VmMfmzhf/WIlT4+vaemrej6

Entry address:

0x1858

Entry point:

31, C0, 89, 05, 40, 2F, 47, 00, 74, 3E, 89, 3D, 8F, 00, 47, 00, 66, 39, 35, 32, 00, 47, 00, 7F, 10, 8D, 0D, 3F, 00, 47, 00, 01, 01, 89, 15, E5, 00, 47, 00, EB, 19, C6, 05, 95, 00, 47, 00, 4E, 29, 0D, 19, 00, 47, 00, 89, 1D, 03, 01, 47, 00, 81, E6, FA, 00, 00, 00, 89, 05, 71, 00, 47, 00, BF, A0, 10, 40, 00, 89, 3D, 10, 40, 47, 00, E9, 5C, F9, FF, FF, 83, F9, FF, 7F, 07, 2D, BF, 00, 00, 00, EB, 14, 89, FE, 89, 1D, D8, 00, 47, 00, 01, 15, EB, 00, 47, 00, 89, 0D, D7, 00, 47, 00, C7, 05, 48, 00, 47, 00, 92, 62... 
[+]

Code size:

441.5 KB (452,096 bytes)

The file yarost 2014 dt dvdscr 1400mb.exe has been seen being distributed by the following URL.

http://bolnica-v-gorode.ru/down.php?q=?????? / Fury (2014) ??????? ????????? ????? ???????&sl=http://kinokubik.com/.../download.php?id=8321

Remove yarost 2014 dt dvdscr 1400mb.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.