breakaway_setup_1.30.02.exe

Claesson Edwards Audio LLC

The executable breakaway_setup_1.30.02.exe has been detected as malware by 9 anti-virus scanners. The program is a setup application that uses the Nullsoft Scriptable Install System installer.
Publisher:
Claesson Edwards Audio LLC  (signed and verified)

MD5:
6610bf67105b544580c1c5453cebd024

SHA-1:
744cb10c1f5dfccc9149a4a144a3ec6ee1237cff

SHA-256:
27359b827574e472b1c9e464366ad8651b3baebffc5877caac3529d045bf5590

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
11/24/2017 2:26:02 PM UTC

Scan engine                    Detection                      Engine version
avast!                         Win32:Vitro                    160414-2
AVG                            Win32/Virut                    2015.0.4568
Dr.Web                         Win32.Virut.56                 9.0.1.05190
ESET NOD32                     Win32/Virut.NBP virus          8.0.319.0
F-Prot                         W32/Agent.JX.gen               4.6.5.141
McAfee                         Virus.W32/Chir.gen!remnants    18.0.204.0
Microsoft Security Essentials  Threat.Undefined               1.219.2347.0
Norman                         Win32.Virtob.Gen.12            19.05.2016 05:17:13
VIPRE Antivirus                Threat.4737366                 49494

File size:
3.2 MB (3,313,152 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\Documents and Settings\{user}\My documents\downloads\breakaway_setup_1.30.02.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/2/2009 3:00:00 AM

Valid to:
6/3/2010 2:59:59 AM

Subject:
CN=Claesson Edwards Audio LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Claesson Edwards Audio LLC, L=Antioch, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7608657431FA360CCF9C392D8E6A2BEB

File PE Metadata
Compilation timestamp:
11/13/1997 2:16:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:jlpUCA09p7WU7uKG7f7jFIh0So3vtZ3hX:jXdhnWRf7ZKBo3vt

Entry address:
0x36519A

Entry point:
83, 3C, 24, FE, 77, FE, 8D, 64, 24, CC, 60, 83, EC, DC, E8, C7, 01, 00, 00, 42, 4F, 8B, F8, 4B, 66, 4B, 75, FC, 80, C4, 96, 42, FF, 73, 3C, 59, 81, E9, FD, FF, FF, 7F, B0, 67, 0F, 83, E5, FF, FF, FF, 81, D9, E6, 13, 00, 00, 8D, 70, 7B, 71, DA, 34, 00, 04, 00, F6, C4, 59, 0F, 97, C4, FF, B4, 19, E4, 13, 00, 80, 40, F7, D7, 83, C4, 04, 66, 81, 44, 24, FC, B0, BA, 75, BA, 4F, B5, 98, 40, 68, BB, AC, 28, 4A, FE, C4, 48, 84, C4, E8, 99, 01, 00, 00, 89, 74, 24, 44, E8, C7, 00, 00, 00, F6, D2, 89, 44, 24, 34, 86...
 

Code size:
23 KB (23,552 bytes)
