» autoclicker_setup.exe
Overview
Analysis
File Details
Downloads (1)

autoclicker_setup.exe

Cok Free Auto Clicker

Cok Software

The executable autoclicker_setup.exe, “Cok Free Auto Clicker Setup ” has been detected as malware by 8 anti-virus scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. Infected by an entry-point obscuring polymorphic file infector which will create a peer-to-peer botnet and receives URLs of additional files to download. The file has been seen being downloaded from www.coksoft.com.

File name:

Publisher:

Cok Software

Product:

Cok Free Auto Clicker

Description:

Cok Free Auto Clicker Setup

Version:

3.0

MD5:

fdd2d76fbfa8f0404ecc8bf016eb74b2

SHA-1:

89d034e7099122819e80d683ee09c0dc45e9d886

SHA-256:

71225dafdc176af35e9ad18ade71471ca3dd87653f739992305d4ce84bea5bd6

Scanner detections:

8 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/23/2024 6:59:30 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:SaliCode

160414-2

AVG

Win32/Sality

2015.0.4591

Dr.Web

Win32.Sector.30

9.0.1.05190

Emsisoft Anti-Malware

Win32.Sality

11.5.0.6191

ESET NOD32

Win32/Sality.NBA virus

8.0.319.0

F-Prot

W32/Sality.gen2

4.6.5.141

Microsoft Security Essentials

Threat.Undefined

1.225.517.0

Norman

Win32.Sality.3

19.05.2016 01:04:49

File size:

396.4 KB (405,908 bytes)

Product version:

3.0

File type:

Executable application (Win32 EXE)

Language:

Chinês (República Popular da China)

Common path:

C:\documents and settings\administrador\meus documentos\downloads\autoclicker_setup.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:mBsddkPYjbRlKgH9L9Q40Up3RM062qVPcX8/a:m2duPYPNZ910Up3+F9AH

Entry address:

0xAC2C

Entry point:

81, C5, 18, 53, 31, 2C, 28, C9, 89, EA, F7, C5, A4, E3, 75, E0, 52, F6, C1, C1, EB, 04, 85, F1, 14, 90, 4D, 89, EA, 81, CE, BD, F7, F8, 57, E8, 00, 00, 00, 00, B8, 5C, 77, 05, C0, 48, 4F, 85, F0, 69, DA, 30, F8, 63, 06, C7, C6, 87, 15, 7E, DF, 81, F9, CE, 23, 00, 00, 5F, FE, CC, F7, C1, B5, DE, A4, E0, 0F, AF, D7, 88, CB, 81, D5, 01, 55, AC, 11, 71, 09, 80, FB, 6D, 8D, 1D, 13, 6A, 89, 26, 89, F6, C6, C2, ED, 80, E7, 72, 33, CD, 89, F2, 4E, F3, F6, C6, D6, 84, F0, 81, FE, 24, 3F, 2A, ED, 0F, BE, CB, 72, 04... 
[+]

Code size:

41 KB (41,984 bytes)

The file autoclicker_setup.exe has been seen being distributed by the following URL.

http://www.coksoft.com/.../autoclicker_setup.exe

Remove autoclicker_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.