anvi smart defender v. 1.8.exe

Anvei Technology Co., LTD

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been observed being downloaded from download.anvisoft.com and multiple other hosts.

Publisher:
Anvei Technology Co., LTD  (signed and verified)

MD5:
f782fc2022e2869974461f8aabbd00f4

SHA-1:
b12fd3602f4e80720773c9e90edf9a59400e0ab0

SHA-256:
d14a00a6997444f7e847ed1e521d353b9c8c0d9d6bdd66ebf8b800abae52282f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 8:38:55 AM UTC

File size:
27.7 MB (29,016,792 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/13/2011 2:00:00 AM

Valid to:
10/13/2014 1:59:59 AM

Subject:
CN="Anvei Technology Co., LTD", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Anvei Technology Co., LTD", L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1C0BF93BBAA58FC100BA37A6E491A8FB

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:jJlyA9Qs+MQLcjBCtE/3zgQ2vl85x0rYecljjHX0xZy:jJUA9Qs+MQ4jd7O98UFcljj34I

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file anvi smart defender v. 1.8.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation the user is, in some cases, presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file anvi smart defender v. 1.8.exe has been seen being distributed by the following 2 URLs.
