» atieah32.exe
Overview
Analysis
File Details

atieah32.exe

The executable atieah32.exe has been detected as malware by 13 anti-virus scanners. Infected by the Parite virus, a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

File name:

atieah32.exe

MD5:

ff0c9a5364b4b1bb900893d8e081e37a

SHA-1:

cb753e6fc9a51d6a72ca7af8d141521feffcbb80

SHA-256:

6d56ff20276a17240010c51bf6245a9edcb6f305510fbc5363c6939177d118ec

Scanner detections:

13 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/19/2024 5:08:36 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Parite.B

5813571

avast!

Win32:Parite

160108-0

AVG

Win32/Parite

2015.0.4489

Clam AntiVirus

Heuristics.W32.Parite.B

0.98/21243

Dr.Web

Win32.Parite.2

9.0.1.05190

Emsisoft Anti-Malware

Win32.Parite

10.0.0.5366

ESET NOD32

Win32/Parite.B virus

7.0.302.0

F-Prot

W32/Parite.B

4.6.5.141

Kaspersky

Virus.Win32.Parite

15.0.0.562

McAfee

Virus.W32/Pate.b

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.213.2188.0

Norman

Win32.Parite.B

17.12.2015 06:34:11

Sophos

Virus 'W32/Parite-B'

5.22

File size:

314 KB (321,498 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Windows\System32\atieah32.exe

File PE Metadata

Compilation timestamp:

8/22/2015 4:49:02 AM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:S/81S8akzq8OvvF9PxtY/+fpdhnkZotrVhzgacw:S/83zqLHFHtY4dtkutR

Entry address:

0x27000

Entry point:

68, A9, AE, B6, 00, 59, 90, BF, 20, 70, 42, 00, BE, 98, 05, 00, 00, 90, FF, 34, 3E, 31, 0C, 24, 8F, 04, 3E, 90, 90, 83, EE, 03, 4E, 90, 75, EE, 41, D3, B7, 00, A9, AE, B6, 00, A9, AE, F6, 00, 81, 88, B6, 00, A9, 9C, B4, 00, 73, 99, B4, 00, A9, 1E, B4, 00, A8, AE, B6, 00, A1, 7E, F7, 00, B5, B3, F4, 00, AF, B3, F4, 00, FD, AE, B4, 00, B3, B3, B4, 00, AD, B3, B4, 00, A1, 12, B7, 00, B3, B3, B4, 00, AD, B3, B4, 00, A9, AE, B6, 00, A9, AE, B6, 00, A9, AE, B6, 00, A9, AE, B6, 00, A9, AE, B6, 00, A9, AE, B6, 00... 
[+]

Code size:

110 KB (112,640 bytes)

Remove atieah32.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.