avira-antivir-personal-free-antivirus-12001125-downloader.exe

OCSClient

www.download-sponsor.de

The application avira-antivir-personal-free-antivirus-12001125-downloader.exe has been detected as a potentially unwanted program by 8 anti-malware scanners.
Reason Core Security
Publisher:
www.download-sponsor.de

Product:
OCSClient

Version:
1.00

MD5:
d1947f075d51487c2a0ba1aa7e51afdf

SHA-1:
738135fd9b0fbc6b7ad5de72bfa0c80e88bb2cd6

SHA-256:
1d168cef4d801baca1c8de409cec624416a0061031248f4a415231c16504ec03

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
6/30/2015 4:15:24 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

Avira AntiVirus
APPL/Downloader.Gen
7.11.140.76

Dr.Web
Adware.Downware.2252
9.0.1.089

ESET NOD32
Win32/DownloadSponsor (variant)
8.9614

G Data
Win32.Application.DownloadSponsor
14.3.24

Trend Micro House Call
HV_ZYX_CA22677F.TOMC
7.2.89

Vba32 AntiVirus
Downware.VB.AndreClient
3.12.24.3

VIPRE Antivirus
DownloadSponsor
27864

Reason Core Security
File size:
500 KB (512,000 bytes)

Product version:
1.00

Copyright:
Copyright @ www.download-sponsor.de

Original file name:
ocsclient.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\avira-antivir-personal-free-antivirus-12001125-downloader.exe

File PE Metadata
Compilation timestamp:
6/1/2012 4:44:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:/K/ORf1fC0JkM8tPHjyN/Cs+zZjT4YkW2KanSDBfMysVufBn597NX2:/Pf9JkptPDIgwWo7ysgfBnnl2

Entry address:
0x1480

Entry point:
68, 8C, 48, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 17, 5D, 5D, 7C, BD, 4A, 4D, 4F, 95, 80, 4C, 02, 9C, 38, 5B, 25, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 4F, 43, 53, 43, 6C, 69, 65, 6E, 74, 00, 34, 36, 7D, 23, 32, 2E, 00, 00, 00, 00, FF, CC, 31, 00, 01, CB, 27, 30, 52, CC, D5, 70, 40, 90, CE, A9, 84, C1, C0, 1B, F5, D4, 5A, D4, AC, 9F, 94, AF, 4F, A5, 7F, 4E, 75, C8, E6, 2B, 8A, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
32 KB (32,768 bytes)

Reason Core Security