» 455.exe
Overview
Analysis
File Details

455.exe

455

The application 455.exe, “455 Setup ” has been detected as adware by 14 anti-malware scanners. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source. It is also typically executed from the user's temporary directory.

File name:

455.exe

Product:

455

Description:

455 Setup

MD5:

4e79d7696334c3174b0e4cafa3769c4a

SHA-1:

458d0a1f5bad347919d6d08ed2787b75ca693a8e

SHA-256:

860edbbf0a3406d0863c76b622dd699a1ba6d2b5e055ea5ad7a1bf003cb6b1f2

Scanner detections:

14 / 68

Status:

Adware

Analysis date:

4/19/2024 8:06:25 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Eorezo

7.1.1

Avira AntiVirus

ADWARE/EoRezo.Gen

8.3.2.2

avast!

Win32:Adware-gen [Adw]

2014.9-151126

AVG

EoRezo

2016.0.2913

Baidu Antivirus

Adware.Win32.EoRezo

4.0.3.151126

ESET NOD32

Win32/Adware.EoRezo.AY (variant)

9.12577

Fortinet FortiGate

Adware/Eorezo

11/26/2015

Kaspersky

not-a-virus:AdWare.Win32.Eorezo

14.0.0.1061

Malwarebytes

PUP.Optional.EoRezo

v2015.11.26.07

NANO AntiVirus

Riskware.InnoSetup.EoRezo.dxwajf

0.30.26.4437

Panda Antivirus

Generic Suspicious

15.11.26.07

Reason Heuristics

PUP.Eorezo.Installer (M)

15.11.26.19

Sophos

Generic PUA EF (PUA)

4.98

VIPRE Antivirus

Adware.Eorezo

45248

File size:

421.5 KB (431,642 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\455.exe

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:5QiG3Arp1gHNNG+e7Jx9X8BsYIM3yzc28WE77ICjj:5QiyAMHNN4lnNM3yzEWA

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9173

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

Remove 455.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.