auslogics boostspeed 6 5 6 0 repack portable by d akov rus eng.exe

Windows NetMeeting

IT River

The application auslogics boostspeed 6 5 6 0 repack portable by d akov rus eng.exe by IT River has been detected as adware by 19 anti-malware scanners. It is a setup program used to install the application. The file has been observed being downloaded from forces.i-promonixes.ru.
Publisher:
Windows (signed by IT River)

Product:
Windows® NetMeeting®

Description:
NetMeeting®

Version:
5.1.2600.2180

MD5:
eaf2074cfb55597c31d0646348b7a607

SHA-1:
615ca6494475aca1be7c8baf790dd853b8b89cc0

SHA-256:
1995463b2740c48cff63b240b3d112ef1692bb987665f0d4b10f0609766f5474

Scanner detections:
19 / 68

Status:
Adware

Analysis date:
4/24/2024 12:51:15 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Heur.Krypt.12 | 1006
AhnLab V3 Security | PUP/Win32.LoadMoney | 14.05.04
AVG | Win32/Cryptor | 2015.0.3484
Bitdefender | Gen:Heur.Krypt.12 | 1.0.20.620
Comodo Security | TrojWare.Win32.Kryptik.BZSP | 18216
Emsisoft Anti-Malware | Gen:Heur.Krypt.12 | 8.14.05.04.03
Fortinet FortiGate | Riskware/LMN | 5/4/2014
F-Secure | Gen:Heur.Krypt.12 | 11.2014-04-05_1
G Data | Gen:Heur.Krypt.12 | 14.5.24
McAfee | PUP-FFD!EAF2074CFB55 | 5600.7140
MicroWorld eScan | Gen:Heur.Krypt.12 | 15.0.0.372
NANO AntiVirus | Riskware.Win32.Krap.bsaoor | 0.28.0.59608
Norman | Kryptik.CDIC | 11.20140504
Panda Antivirus | Trj/Genetic.gen | 14.05.04.03
Reason Heuristics | PUP.ITRiver. | 14.7.27.13
Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.14502
Sophos | Mal/LdMon-B | 4.98
Vba32 AntiVirus | Malware-Cryptor.Limpopo | 3.12.26.0
VIPRE Antivirus | Trojan.Win32.LoadMoney.f | 28854

File size:
296.3 KB (303,416 bytes)

Product version:
3.01

Copyright:
1996-2001

Original file name:
conf.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/25/2014 3:00:00 AM

Valid to:
2/26/2015 2:59:59 AM

Subject:
CN=IT River, O=IT River, STREET="Obolenskiy, 9", L=Moscow, S=Moscow oblast, PostalCode=119021, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0F02E0C593A3B9A15B22F5853C90D66B

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:kp8/pO5aFtsdvsezLXw96DijRXIscphK94AuJi6uIlu:A8p6a49jzbw96SXIscrK9fXEE

Entry address:
0x1000

Entry point:
E9, 4B, 01, 04, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 24, 20, 44, 00, CC, CC, CC, CC, CC, CC, 43, 66, 3B, 3D, 6C, 20, 44, 00, 7D, 08, 89, 0D, 2D, 20, 44, 00, EB, 16, 89, 05, D8, 20, 44, 00, 2B, 1D, 71, 20, 44, 00, 89, 05, E7, 20, 44, 00, 89, 7C, 24, D8...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
257 KB (263,168 bytes)

The file auslogics boostspeed 6 5 6 0 repack portable by d akov rus eng.exe has been seen being distributed by the following URL.