bluetooth-driver-installer-10081-baixaki-32-bits.exe

The application bluetooth-driver-installer-10081-baixaki-32-bits.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. The file is a setup program used to install the application. It uses the InstallCore engine, which may bundle additional software offers, including toolbars and browser extensions. The file has been seen being downloaded from dl.baixaki.com.br.
MD5:
04efe2e3ac26b3de9a0707a29118aa5e

SHA-1:
e700396732c5387100feb89a1125e00558635c51

SHA-256:
e4b1cf90cd37a1394e04629cf564e6037d03cb79effcff9aa616a8cfb355f480

Scanner detections:
21 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software, which may include extensions such as DealPly and various toolbars.

Analysis date:
4/25/2024 12:46:23 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | ASD.Prevention | 2012.09.01 |
| Avira AntiVirus | Adware/Installco.AB | 7.11.131.226 |
| avast! | Win32:Delf-SUD [PUP] | 2014.9-150510 |
| Bkav FE | HW32.Laneul | 1.3.0.4924 |
| Dr.Web | Adware.InstallCore.59 | 9.0.1.0130 |
| ESET NOD32 | Win32/InstallCore.AL (variant) | 9.7516 |
| Fortinet FortiGate | W32/SPNR.0CHH12!tr | 5/10/2015 |
| F-Prot | W32/InstallCore.V2.gen | v6.4.7.1.166 |
| K7 AntiVirus | Unwanted-Program | 13.175.11177 |
| McAfee | Artemis!3EC8109E825C | 5600.6769 |
| MicroWorld eScan | Win32:Delf-SUD [PUP] | 16.0.0.390 |
| Qihoo 360 Security | Win32/Virus.Adware.1b1 | 1.0.0.1015 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.5.10.9 |
| Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.15508 |
| Sophos | Generic PUA KB | 4.98 |
| SUPERAntiSpyware | Adware.InstallCore/Variant | 9884 |
| Trend Micro House Call | TROJ_SPNR.0CHH12 | 7.2.130 |
| Trend Micro | TROJ_SPNR.0CHH12 | 10.465.10 |
| Vba32 AntiVirus | Malware-Cryptor.InstallCore.9 | 3.12.18.4 |
| VIPRE Antivirus | InstallCore | 26486 |

File size:
1 MB (1,090,000 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\bluetooth-driver-installer-10081-baixaki-32-bits.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:kcUx0rwjb/gSTm2bORdGpSXgVxTXCOu+bOsFVw7k0:kcUxewYSTrodGp5Vk4FVwI

Entry address:
0xCB8D0

Entry point:
55, 8B, EC, 83, C4, F0, B8, D0, F2, 41, 00, E8, EA, E4, FF, FF, 1D, E4, 75, 46, 00, EB, 51, 8B, 3B, 8B, 73, 08, 3B, EE, 77, 46, 8B, C6, 03, 43, 0C, 3B, 44, 24, 10, 77, 3B, 3B, 74, 24, 08, 73, 04, 89, 74, 24, 08, 8B, C6, 03, 43, 0C, 3B, 44, 24, 0C, 76, 04, 89, 44, 24, 0C, 68, 00, 80, 00, 00, 6A, 00, 56, E8, EF, FC, FF, FF, 85, C0, 75, 0A, C7, 05, C0, 75, 46, 00, 01, 00, 00, 00, 8B, C3, E8, 8A, FD, FF, FF, 8B, DF, 81, FB, E4, 75, 46, 00, 75, A7, 8B, 44, 24, 04, 33, D2, 89, 10, 83, 7C, 24, 0C, 00, 74, 19, 8B...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
829.5 KB (849,408 bytes)

The file bluetooth-driver-installer-10081-baixaki-32-bits.exe has been seen being distributed by the following URL.