home

1_avast_launcher.exe

Vega Stp

SPRT

The executable 1_avast_launcher.exe has been detected as malware by 3 anti-virus scanners. The file has been seen being downloaded from www.fishmish.space and multiple other hosts.
Publisher:
SPRT

Product:
Vega Stp

Description:
tiny install

Version:
167.100.58.135

MD5:
0450f900d6481d4b458fa264629fd7ad

SHA-1:
19b5b064fbdd4788f4bbb9a097ecba8a7189332b

SHA-256:
2fa66c7e65d2ac6b4eb010be07da148563ad136b10dbcca8314233a5dd0641cb

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/30/2024 8:22:45 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Application.Imonetize
11.5.0.6191

F-Secure
Application.Imonetize.2
5.15.96

Norman
Gen:Application.Imonetize.2
02.04.2016 17:35:19

File size:
1.2 MB (1,257,472 bytes)

Product version:
167.100.58.135

Copyright:
Copyright 2015

Trademarks:
Pepcyc

Original file name:
file.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
4/20/2016 10:23:51 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:mtJ3o4cuMv2gc59iVQB7f7xthN3rOQ373MDFsB7Vvb4CzKav5+:mt8vkxsQL3MCxDtvw

Entry address:
0x6C47

Entry point:
E8, 02, 2A, 00, 00, E9, 75, FE, FF, FF, 6A, 03, E8, B6, 29, 00, 00, 59, 83, F8, 01, 74, 15, 6A, 03, E8, A9, 29, 00, 00, 59, 85, C0, 75, 1F, 83, 3D, E0, 72, 41, 00, 01, 75, 16, 68, FC, 00, 00, 00, E8, 3C, 00, 00, 00, 68, FF, 00, 00, 00, E8, 32, 00, 00, 00, 59, 59, C3, 55, 8B, EC, 8B, 4D, 08, 33, C0, 3B, 0C, C5, C0, FD, 40, 00, 74, 0A, 40, 83, F8, 17, 72, F1, 33, C0, 5D, C3, 8B, 04, C5, C4, FD, 40, 00, 5D, C3, FF, 15, 30, E1, 40, 00, E9, 3B, 6A, 00, 00, 55, 8B, EC, 81, EC, FC, 01, 00, 00, A1, F8, 63, 41, 00...
 
[+]

Entropy:
6.6829

Code size:
52 KB (53,248 bytes)

The file 1_avast_launcher.exe has been seen being distributed by the following 4 URLs.

http://www.fishmish.space/14_nod32_launcher.exe

http://www.fishmish.space/9_nod32_launcher.exe

http://www.fishmish.space/8_avast_launcher.exe

http://www.fishmish.space/1_avast_launcher.exe

Remove 1_avast_launcher.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.