home

{22c192e0-3244-405f-abbe-b90fef5219ef}.exe

The application {22c192e0-3244-405f-abbe-b90fef5219ef}.exe has been detected as a potentially unwanted program by 10 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
MD5:
ebae8c9575d2a9f57f3f0a7fa86acc59

SHA-1:
b526858d890aa4ba84907b56b78b4c74bd881645

SHA-256:
9049f707af1a01a64d3ca3ac0c5c5b26e478d6f45b13e5b5ad23dc5ac57f7b8a

Scanner detections:
10 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/26/2024 8:12:24 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.InstallCore
7.1.1

AVG
Clickmein
2015.0.3367

Dr.Web
infected with Trojan.Packed.24524
9.0.1.05190

ESET NOD32
Win32/InstallCore.BY potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/InstallCore
8/29/2014

Malwarebytes
PUP.Optional.InstallCore
v2014.08.29.05

McAfee
Artemis!B083FC1C17AD
5600.7023

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.14827

Sophos
AnyProtect
4.98

Vba32 AntiVirus
Downware.InstallCore
3.12.26.3

File size:
531.3 KB (544,027 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Documents and Settings\{user}\Application data\iolo\safetynet\manual\{e94d9750-8c9a-4b38-8ff5-4fd6ee69aced}\{22c192e0-3244-405f-abbe-b90fef5219ef}.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
12288:6KAl1aAR15aLqHM1VCISUxVYpQgJEgGdLlwYkMRtvkijWBABm5:6vlR2LkM1YISU7YpfJtGvwovA

Entry point:
50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, F3, 6E, 2C, 44, C3, 99, 85, 63, 65, 4C, 08, 00, 20, CC, 08, 00, 2A, 00, 00, 00, 7B, 32, 32, 43, 31, 39, 32, 45, 30, 2D, 33, 32, 34, 34, 2D, 34, 30, 35, 46, 2D, 41, 42, 42, 45, 2D, 42, 39, 30, 46, 45, 46, 35, 32, 31, 39, 45, 46, 7D, 2E, 65, 78, 65, CC, BD, 79, 58, 53, D7, 16, 37, 7C, 42, 02, 26, 10, 05, 11, A7, 8A, 8A, 36, B6, CE, F5, 88, B6, 56, D4, 46, 01, 2B, 1A, 14, 45, 40, 9C, 07, B0, 11, 71, 28, 24, 0E, 75, 4A, 1A, B9, 35, 9C, 72, 6B, EF, B5, A3, D5, 62, A7, 6B...
 
[+]

Remove {22c192e0-3244-405f-abbe-b90fef5219ef}.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.