home

avira_es_av_57a294705e94e__ws.exe

Avira Launcher

Avira Operations GmbH & Co. KG

This is a setup program which is used to install the application. The file has been seen being downloaded from package.avira.com.
Publisher:
Avira Operations GmbH & Co. KG

Product:
Avira Launcher

Version:
1.1.67.18988

MD5:
e68e53062459716af58939d3944e8477

SHA-1:
997507f58db4d5cb7a19251f2185116501475268

SHA-256:
ebb52202c5e657a85278a2ab6a33f3bc273d6df5e3923c3eecf896aea70142c1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:00:08 PM UTC  (today)

File size:
1.1 MB (1,179,094 bytes)

Product version:
1.1.67.18988

Copyright:
Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors

Original file name:
Avira.OE.Setup.Bundle.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\avira_es_av_57a294705e94e__ws.exe

File PE Metadata
Compilation timestamp:
7/11/2016 2:04:21 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:qxgUltMMB8VwfezYw8OnPXUr2FAYsqlQrNaCVWy:lU4i8V2e8jGPXUaF8A+

Entry address:
0x2C134

Entry point:
E8, 23, 3F, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, E8, 0F, 00, 00, 00, 83, 7D, 08, 00, 74, 05, E8, 03, 59, 00, 00, DB, E2, 5D, C3, B8, B6, 0F, 43, 00, C7, 05, A8, 51, 46, 00, A2, 18, 43, 00, A3, A4, 51, 46, 00, C7, 05, AC, 51, 46, 00, 33, 19, 43, 00, C7, 05, B0, 51, 46, 00, 8D, 19, 43, 00, C7, 05, B4, 51, 46, 00, 12, 1A, 43, 00, A3, B8, 51, 46, 00, C7, 05, BC, 51, 46, 00, D7, 0F, 43, 00, C7, 05, C0, 51, 46, 00, 4B, 19, 43, 00, C7, 05, C4, 51, 46, 00, B3, 18, 43, 00, C7, 05, C8, 51, 46, 00, 9E, 19, 43, 00...
 
[+]

Entropy:
7.7053  (probably packed)

Code size:
279.5 KB (286,208 bytes)

The file avira_es_av_57a294705e94e__ws.exe has been seen being distributed by the following URL.

https://package.avira.com/package/oeavira/win/.../avira_es_av_57a294705e94e__ws.exe

Scan avira_es_av_57a294705e94e__ws.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.