asus eeepc 1201ha w7.exe

LLC ITC

The application asus eeepc 1201ha w7.exe by LLC ITC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from forces.sunshinerus.ru.
Publisher:
LLC ITC  (signed and verified)

MD5:
dedb864d99d862a67eaa6b570810ef71

SHA-1:
00bc81b4460284319050860f7dc914aad116d7a6

SHA-256:
c58764dd076516f558894e818219286de486616c17244da6fcfd1f251437d4bd

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/19/2024 9:50:31 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.2.14.19

File size:
487.4 KB (499,048 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\asus eeepc 1201ha w7.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/26/2014 7:00:00 AM

Valid to:
6/27/2015 6:59:59 AM

Subject:
CN=LLC ITC, O=LLC ITC, STREET=Vvedenskogo 11/3, L=Moscow, S=Moscow oblast, PostalCode=117342, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F4DBD55156EE0DAFED4BAB130328504E

File PE Metadata
Compilation timestamp:
7/20/2014 6:32:25 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
30.15

Entry address:
0x38D3

Entry point:
F5, 0F, BA, F5, 1E, C1, CA, 19, 4E, 01, FB, 0B, 4C, 24, 08, 81, EB, 84, 82, 07, 73, 39, EB, F5, F9, C1, D6, 1D, 21, E2, 43, F5, C1, C8, 19, 0B, 4C, 24, 08, 29, DE, C1, C9, 15, C1, D6, 1F, 81, D9, 5F, 73, 31, B7, 19, FE, 09, FE, 0F, BA, E2, 0A, 13, 7C, 24, 04, 4E, 4F, C1, C0, 1F, F7, D1, FC, 8B, 7C, 24, F8, F7, 44, 24, 08, CB, C0, 24, AC, 0F, BA, FA, 12, 87, D5, 90, 8B, 44, 24, F0, 81, 7C, 24, 10, 29, 01, 4A, 90, F7, 44, 24, EC, 5D, 06, 6B, 83, F7, 05, 7B, C8, 43, 00, 59, 86, 45, 8B, C1, FB, 13, 46, C1, C0...
 

Code size:
376 KB (385,024 bytes)

The file asus eeepc 1201ha w7.exe has been seen being distributed by the following URL.

http://forces.sunshinerus.ru/ODEwODtodHRwOi8vZGwuZHJpdmVyc25vdXQuY29tL2RyaXZlcnMvQXN1cy9FZWVQQy9hc3VzX0VlZVBDXzEyMDFIQV9XNy5yYXI7bmFtZT1hc3VzX0VlZVBDXzEyMDFIQV9XNy5yYXI7dHlwZT1hcmNoaXZl
