2068610-драйвер dfu.exe

The application 2068610-драйвер dfu.exe has been detected as a potentially unwanted program by 40 anti-malware scanners. It is a setup program used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been observed being downloaded from gorlinkbrothers.ru and multiple other hosts.

MD5: eda1c43b7e506bbdef596f4301235d7e
SHA-1: 2cd3f81753a59d84e36a91ff11a4cf01d48a5816
SHA-256: aca12b6c44f0446d2f420eaf3bae5ff1306451d3503472b270877b633bf46935
Scanner detections: 40 / 68
Status: Potentially unwanted
Analysis date: 7/20/2018 3:42:15 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Zusy.93023 | 983
Agnitum Outpost | Trojan.Graftor | 7.1.1
Avira AntiVirus | TR/achs.vlo | 7.11.151.162
Antiy Labs AVL | Trojan/Win32.TSGeneric | 1.0.0.1
avast! | Win32:Dropper-gen [Drp] | 2014.9-140527
AVG | Downloader.Generic13 | 2015.0.3256
Baidu Antivirus | Trojan.Win32.Agent | 4.0.3.141219
Bitdefender | Gen:Variant.Zusy.93023 | 1.0.20.735
Comodo Security | UnclassifiedMalware | 18575
Dr.Web | Trojan.DownLoader11.15724 | 9.0.1.0353
Emsisoft Anti-Malware | Gen:Variant.Zusy.93023 | 8.14.05.27.06
ESET NOD32 | Win32/Hoax.Agent.NAG (variant) | 8.9955
Fortinet FortiGate | Riskware/Agent | 5/27/2014
F-Secure | Gen:Variant.Zusy.93023 | 11.2014-27-05_3
G Data | Gen:Variant.Zusy.93023 | 14.5.24
IKARUS anti.virus | Zusy | t3scan.1.6.1.0
K7 AntiVirus | Riskware | 13.178.12203
K7 Gateway Antivirus | Riskware | 13.178.12203
Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.3801
McAfee | Artemis!EDA1C43B7E50 | 5600.7117
McAfee Web Gateway | Artemis!EDA1C43B7E50 | 7.7117
Microsoft Security Essentials | Trojan:Win32/Rubaid | 1.10600
MicroWorld eScan | Gen:Variant.Zusy.93023 | 15.0.0.441
NANO AntiVirus | Trojan.Win32.Agent.czyomh | 0.28.0.60253
Norman | Agent.BCTOJ | 11.20141219
Panda Antivirus | Trj/CI.A | 14.05.27.06
Qihoo 360 Security | Win32/Trojan.7d7 | 1.0.0.1015
Quick Heal | TrojanDownloader.Agent.g9 | 12.14.14.00
Reason Heuristics | Threat.Win.Reputation.IMP | 14.12.19.0
Sophos | Generic PUA CM | 4.98
Trend Micro House Call | TROJ_GEN.F47V0524 | 7.2.147
Trend Micro | TROJ_GEN.R0CBC0EEO14 | 10.465.19
Vba32 AntiVirus | suspected of Trojan.Notifier.gen | 3.12.26.0

File size: 2.8 MB (2,929,152 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\2068610-драйвер dfu.exe

File PE Metadata

Compilation timestamp: 5/24/2014 5:23:56 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 5.0
CTPH (ssdeep): 49152:b7jSXoyMbetd7YlV7Ta7v0TAQuXJhgvdLUCn4GQb/4JlHrtk71:bBbetZYH7q9VXgvHQb/4JJZ0
Entry address: 0x193C

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, D0, 57, 00, A1, 9F, D0, 57, 00, C1, E0, 02, A3, A3, D0, 57, 00, 52, 6A, 00, E8, F1, 9F, 17, 00, 8B, D0, E8, 12, C4, 16, 00, 5A, E8, 0C, C0, 16, 00, E8, 2B, C9, 16, 00, 6A, 00, E8, 80, DC, 16, 00, 59, 68, 48, D0, 57, 00, 6A, 00, E8, CB, 9F, 17, 00, A3, A7, D0, 57, 00, 6A, 00, E9, 0F, 69, 17, 00, E9, B2, DC, 16, 00, 33, C0, A0, 91, D0, 57, 00, C3, A1, A7, D0, 57, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, EC, 00, 00, 00, 0B, C9...
 

Code size: 1.5 MB (1,556,480 bytes)

The file 2068610-драйвер dfu.exe has been seen being distributed by the following 2 URLs.
