» admiralmarketscy.exe
Overview
Analysis
File Details
Downloads (1)

admiralmarketscy.exe

Web installer

FINEXWARE-Technologies GmbH

File name:

Publisher:

FINEXWARE-Technologies GmbH (signed and verified)

Product:

Web installer

Version:

1.1.0.0

MD5:

794a65e0f80cb03814e101873515054e

SHA-1:

30591e086841dea19e8e5805221d0482158ce188

SHA-256:

e63e1cc1cf88d598fc5d7981d3fbeb87b8418cb31604468fe88a5b5ac1b0ee85

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

6/26/2025 1:57:40 PM UTC (today)

File size:

5.9 MB (6,223,584 bytes)

Product version:

1.1.0.0

Original file name:

WebInstall.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\admiralmarketscy.exe

Digital Signature

Signed by:

FINEXWARE-Technologies GmbH

Authority:

COMODO CA Limited

Valid from:

5/22/2015 2:00:00 AM

Valid to:

5/22/2016 1:59:59 AM

Subject:

CN=FINEXWARE-Technologies GmbH, O=FINEXWARE-Technologies GmbH, STREET=Thoelauer Str.13, L=Marktredwitz, S=Bayern, PostalCode=95615, C=DE

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2E7F848508B5F51C5758F22E54260895

File PE Metadata

Compilation timestamp:

4/20/2016 3:21:57 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

98304:UT0Dn3hjYdiVV2JBh3yNk2BoBsAacM2ebEuJ/ErFv671COGE+e6bC6n9U:U/aF8acPe4uJ/ErpW7N+e6bCui

Entry address:

0x150AE6

Entry point:

E8, C9, 0F, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, FF, 75, 08, E8, 1C, B1, EC, FF, 59, 5D, C3, 3B, 0D, A4, 30, 8E, 00, F2, 75, 02, F2, C3, F2, E9, F8, 0B, 00, 00, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, F2, 72, 0B, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, F2, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E7, CC, CC, CC, B9, 01, 00, 00, 00, F2, 0F, 10, 2D, E8, 5E, 84, 00, EB, 1C, B9, 02, 00, 00, 00, F2, 0F, 10, 2D, F0, 5E, 84, 00, EB, 0D, B9, 03, 00, 00, 00, F2, 0F, 10... 
[+]

Entropy:

6.5583

Code size:

4.1 MB (4,256,256 bytes)

The file admiralmarketscy.exe has been seen being distributed by the following URL.

https://admiral.atlassian.net/secure/attachment/.../AdmiralMarketsCY (1).exe

Scan admiralmarketscy.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.