1_avast_launcher.exe

Smart Inst

Finful

The executable 1_avast_launcher.exe has been detected as malware by 3 anti-virus scanners. It is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from www.fishmish.space.
Publisher:
Finful

Product:
Smart Inst

Description:
smart install

Version:
143.156.199.199

MD5:
f589c9a305433c223542b7e5d3796379

SHA-1:
be267916cf2a986c4be5eccc8ed5e3e363e100c7

SHA-256:
3ad24991d9f86ea7164608170c192b7a47cf6cacdc3f8681e9eb7717830cc8dc

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/30/2024 5:13:20 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Emsisoft Anti-Malware | Gen:Variant.Razy.18984 | 11.5.0.6191 |
| F-Secure | Application.Imonetize.2 | 5.15.21 |
| Norman | Gen:Application.Imonetize.2 | 02.04.2016 17:35:19 |

File size:
989.5 KB (1,013,248 bytes)

Product version:
143.156.199.199

Copyright:
CR 2015

Trademarks:
Trd Mark

Original file name:
sstup.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
4/20/2016 8:28:00 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:bHU6qQCQz9pBzu1WeyNpoXI2/FLjvplJvNy2:7Ungz9DziXPFPvplVNz

Entry address:
0x6926

Entry point:
E8, F5, 32, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 50, 19, 42, 00, FF, 15, 84, A0, 41, 00, 85, C0, 75, 18, 56, E8, E0, 25, 00, 00, 8B, F0, FF, 15, 14, A0, 41, 00, 50, E8, 90, 25, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, D0, 19, 00, 00, C7, 06, 54, B6, 41, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 54, B6, 41, 00, E9, 14, 1A, 00, 00, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, 54, B6, 41, 00, E8, 01, 1A, 00, 00...
 

Entropy:
7.8193  (probably packed)

Code size:
97.5 KB (99,840 bytes)

The file 1_avast_launcher.exe has been seen being distributed by the following URL.
