avira_en_av___ws.exe

Avira

Avira Operations GmbH & Co. KG

This is a setup program which is used to install the application. The file has been seen being downloaded from global-shared-files-l3.softonic.com and multiple other hosts.
Publisher:
Avira Operations GmbH & Co. KG  (signed and verified)

Product:
Avira

Version:
1.0.5197.30752

MD5:
54dab724262f6cbb38aee1c33ad2f2c8

SHA-1:
f0fe10017906c86548b573e70e0433cc5da459bb

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/21/2018 3:01:50 AM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
3.14.12.00

File size:
4.2 MB (4,413,904 bytes)

Product version:
1.0.5197.30752

Copyright:
Copyright (c) Avira Operations GmbH & Co. KG. All rights reserved.

Original file name:
Avira.OE.Setup.Bundle.AntiVirus.En-us.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\avira_en_av___ws.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/16/2014 6:00:00 PM

Valid to:
1/16/2017 5:59:59 PM

Subject:
CN=Avira Operations GmbH & Co. KG, OU=Global Assembly, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Avira Operations GmbH & Co. KG, L=Tettnang, S=Baden-Württemberg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3AEA7D79BC1D84D2E1AB0FFC8BC35658

File PE Metadata
Compilation timestamp:
11/28/2013 8:14:28 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
98304:SqUWLe2dHB7jjSLkMsKaB7r3npKmATAMq+pr4NAtRo+rdIRwv:Sdce9k4a1r3YbUBubrdIRwv

Entry address:
0x267A5

Entry point:
E8, C9, 39, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, D0, 60, 45, 00, 75, 02, F3, C3, E9, C4, 40, 00, 00, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 44, 7C, 45, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 80, 61, 45, 00, 01, 0F, 82, 79, 41, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B...
 
[+]

Entropy:
7.9722  (probably packed)

Code size:
229.5 KB (235,008 bytes)

The file avira_en_av___ws.exe has been seen being distributed by the following 50 URLs.

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140501145519&nva=20140502025619&token=0114c69d1bb2ccff1d374&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140430172940&nva=20140501053040&token=075ac5a85f001718269a3&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1401762727&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=PcpB8HIFlsYyeImMbbzU3oXyXxV8E90KzXr6-pnlWqHJuFfdEQUfIrM2Czz0yh2avJP-rIalxDTVkBOP-icSb2F-ea3EHV19y2fPwgkOFNXy~Du6nwjt0Wt93TouUBu2hNIXfsb1yNLdi7QDU7IWUUo6~Bryf6rh7z6aiORGA8U_&filename=avira_it_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140529052235&nva=20140529172335&token=0953844a7c79fbae45b47&id_file=18069&channel=WEB&instance=softonic_en&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_en_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140614192810&nva=20140615072910&token=08582edd8d39efda2c3b6&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140511163230&nva=20140512043330&token=0eafbad2a55768216bb6b&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140410155848&nva=20140411035948&token=0003a6b229035fe3ea51b&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140529140104&nva=20140530020204&token=0affc80f3cefbd1cf28db&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1397777155&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Tz50DFV8BgrSfZNIoaZN5QjcSvmTT7Ze3KwKEK6ZDYh2P77PKtqvHYyZIrjEPB6HpELDHpibEQBgiI2vmfrjUS1-Y3KeCMx0SDEULVqjLtGt7WDSMa83gesFoUFO5EIqUBhwJ-JyZIzEvbdbBTXSA4U6r9tMiyG~7FTCWvO~Qko_&filename=avira_it_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140602190216&nva=20140603070316&token=0cf410b5477f13150b9f6&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140414155204&nva=20140415035304&token=09a40f3ab7905cbd000a6&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140713134738&nva=20140714014838&token=0cca56d5d7f3a76f2c3b4&id_file=18069&channel=WEB&instance=softonic_de&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_de_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1400797677&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=DbgO43AU3dvLMo7RX5BRqd0S0iNgOMqWdkJRvPmJV-39EYy8eh6UPcyw3lY8GKyXPju1VgXJut4rd4Oe8M0DXz2iuP2iCSNthHY8BKEGi32bmk~ccLcGkGS-nOhSArPGhHJa2dcrPX1RyKsqt4T8L3yLa0H0H3rLIiaQpO7Fzag_&filename=avira_it_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140529234801&nva=20140530114901&token=03a6b331eadd899f410c7&id_file=18069&channel=WEB&instance=softonic_en&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_en_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140423185316&nva=20140424065416&token=089a3b7045d27e3868c08&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140501053134&nva=20140501173234&token=0c65e8dafd636941b65d9&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1400007397&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=As2KY8JE6h72ptddr8IuCumsLpx-AowcB5gPFOykhnuNSwXXAK-joAkYcYwb-FvROhZFUUiEWEdNxX6RufvRLRocLAeHrmqOZgWZFegaewBgteEK5gt1pFOl3ZDuLJqlNhmYwF41CWIGYlM-SZuAhCYXMCTZ5E6K5N~FROqblm0_&filename=avira_it_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1400631280&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=SB3InafpoFplAiVYZQ~URnzwU3Gfm04Hp8n6KHjeAj3kY6pCD4Lf403X63aMZUor9FK5ma10Wfs97qwSlSBVYcGJJFwaAxOyC60wZh0loEpPqHTtqsUoopwQ8QYg311XQQQm9JCx5EdkN247ArYRkcLvz5MfSdLvd3GRpMl7rCo_&filename=avira_it_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140426135611&nva=20140427015711&token=0461c5bf42acf36c126bb&id_file=18069&channel=WEB&instance=softonic_en&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_en_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140410115637&nva=20140410235737&token=03a9944a7481026777eb3&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140602140257&nva=20140603020357&token=0badea80bc202efb4f58d&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140618030921&nva=20140618151021&token=0d1998aa81f2fa9310c41&id_file=18069&channel=WEB&instance=softonic_en&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_en_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140613212742&nva=20140614092842&token=07fe3535f7d6c3d034c16&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1403143847&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=FQEybu9vQcwFuKdJWM2ytNKD6aerNn5OyN~wdHhpK-1kK9XLhnQiem5Xi3kqJJ~zxYQpluVQ0rvEYQH3TT6EGKSCr4leJmcW3GGJC-AJM3oYPgwIfdRKat6kuDYJ9Lx1ImKLfDLLnbg70slY1XJ6KsSloKEMeR60vMeK2VBvPcg_&filename=avira_it_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140709061415&nva=20140709181515&token=0b4e32dd29ccc9b97fac2&id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_it_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&Expires=1404319622&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=DUkCIlSiVv9NyAs1d617noqRfBDbyqkR6x89-A1qRv6IEU82zyltN~MsLlTTeuxDPLrtuggtyLoetz6vAKFn2nMPSHpBIrJstHLgQQ5th6GATqgcvHtNggKPl~UAFwEtGXGSa9LTUWxCBLd3yyLWjvYw-I5-ms~Xe7u5I73ZVgg_&filename=avira_es_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1400302903&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=ahLNm0K0TQGs240ciBo185sI468O4pgBBkxpwR3blO5MlVJf5gN4LE7sXvAa5ru32yp9UpEvledE6ukIqNy4SoW3f-cR8cPPaFiOavfdcaPK6MqtuxxD7FWIojkc7fxLeJ5YZrg2WTBrAxRrk6XdyhJyUAYwpHj3XPabgGnrkqI_&filename=avira_it_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140515205441&nva=20140516085541&token=0ba870edb837c2204be3a&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

http://gsf-cf.softonic.com//f0f/e10/.../file?id_file=18069&channel=WEB&instance=softonic_it&type=PROGRAM&fdh=yes&SD_used=0&Expires=1398312351&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=T~6akBsV9WIqbwrJ~1aoCRU4eyB7bMqYEedqFuEJTe6UQpF9iEuYDrBdvCHWUhGiTp-Y0hNnTEXWbE8a-EsN9hJt1PjAEfE84lap5NSfUMJyTas~JcMf9Sjop0znyib0rRBAdgYQJxsprWgyQ~R8P8lJsVm5WD00gmXI8FQvkYY_&filename=avira_it_av___sfc.exe

http://global-shared-files-l3.softonic.com/f0f/e10/.../file?nvb=20140625140149&nva=20140626020249&token=0d390b6ec127e61bf1cbb&id_file=18069&channel=WEB&instance=softonic_es&type=PROGRAM&fdh=yes&SD_used=0&filename=avira_es_av___sfc.exe

Latest 30 of 120 download URLs

Scan avira_en_av___ws.exe - Powered by Reason Core Security