antydialer.exe

TP Internet Sp. z o.o.

Publisher:
TP Internet Sp. z o.o.  (signed and verified)

MD5:
0438f9fbae375820acff770a44fd58ae

SHA-1:
5fd0da41e6e4953243e3b84806dd24a6d76c248d

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/8/2024 2:51:19 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Baidu Antivirus | Win32.Trojan.WisdomEyes.151026.9950 | 4.0.3.16730 |
| Comodo Security | Heur.Suspicious | 24838 |
| McAfee | Artemis!0438F9FBAE37 | 5600.6323 |
| NANO AntiVirus | Trojan.Win32.Agent2.msniw | 1.0.30.8000 |
| Rising Antivirus | PE:Trojan.Win32.FakePic.bv!1597862 [F] | 23.00.65.16728 |
| Vba32 AntiVirus | BScope.Trojan.AET.31115 | 3.12.26.4 |

File size:
1.3 MB (1,353,256 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\jbem\pulpit\dysk z\antydialer\antydialer.exe

Digital Signature
Authority:
TP Internet Sp. z o.o.

Valid from:
7/28/2003 9:47:45 AM

Valid to:
7/28/2006 8:47:45 AM

Subject:
CN=Certyfikat do podpisu oprogramowania - CC Signet - Klasa1, OU=Centrum Certyfikacji Signet, O=TP Internet Sp. z o.o., C=PL

Issuer:
CN=CC Signet - CA Klasa 1, OU=Centrum Certyfikacji Signet, O=TP Internet Sp. z o.o., C=PL

Serial number:
3F24D521

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:vEOZX3OIWm4Ud96ppajbUT8GgFV77oI02M8Qc2FlXuUpYBHy:vEOVbP4cpelc771w8Qc2FZYBS

Entry address:
0xC5D8

Entry point:
55, 8B, EC, 83, C4, C0, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, C4, 89, 45, C0, E8, CF, 6A, FF, FF, E8, B2, 7F, FF, FF, E8, 2D, A2, FF, FF, E8, 74, A2, FF, FF, E8, 63, A3, FF, FF, E8, 12, F6, FF, FF, BE, 28, 00, 41, 00, 33, C0, 55, 68, DF, CC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 6F, CC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, F0, 40, 00, E8, E7, FE, FF, FF, E8, AA, F9, FF, FF, 8D, 55, F0, 33, C0, E8, A4, ED, FF, FF, 8B, 55, F0, B8, 8C, FD, 40, 00, E8, 7B, 6B, FF, FF, 8B, 15, 8C, FD, 40, 00, B8...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
47.5 KB (48,640 bytes)

Scan antydialer.exe - Powered by Reason Core Security