» dars_muqaddas_o_rgan-o_rgat_tavsiyalari_asosida_matematika_fanidan_yozgan_bir_soatlik_dars_ishlanmas
Overview
Analysis
File Details

dars_muqaddas_o_rgan-o_rgat_tavsiyalari_asosida_matematika_fanidan_yozgan_bir_soatlik_dars_ishlanmas

Monitor LLC

The file dars_muqaddas_o_rgan-o_rgat_tavsiyalari_asosida_matematika_fanidan_yozgan_bir_soatlik_dars_ishlanmas by Monitor has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.

File name:

Publisher:

Monitor LLC (signed and verified)

MD5:

73db093d5d8467c9459973298d602df4

SHA-1:

611d4010acc25b4ef2722abc238304c6295019d0

SHA-256:

c735d8a2d95dfeb7dfbf36c207657ab858eaf6ffa56b3e25b361b4580ab1b20a

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

5/16/2024 2:40:27 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.2.17.3

File size:

711.1 KB (728,152 bytes)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\dars_muqaddas_o_rgan-o_rgat_tavsiyalari_asosida_matematika_fanidan_yozgan_bir_soatlik_dars_ishlanmasi.exe

Digital Signature

Signed by:

Monitor LLC

Authority:

Thawte, Inc.

Valid from:

11/20/2014 4:00:00 AM

Valid to:

11/21/2015 3:59:59 AM

Subject:

CN=Monitor LLC, O=Monitor LLC, L=Moscow, S=Moscow region, C=RU

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

1F6C494817871A910F517455F51A03B6

File PE Metadata

Compilation timestamp:

2/4/2015 5:50:41 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

1.29

Entry address:

0xD8FE

Entry point:

45, 1B, 1C, 24, F7, D1, 21, F8, 21, C2, F7, D2, 81, E5, 63, 13, 30, 1D, 0F, BA, EE, 17, 19, E2, 8B, 44, 24, F0, 33, 15, B0, DF, 42, 00, 23, 44, 24, F8, 1B, 54, 24, F4, 3B, 74, 24, EC, F7, D6, 23, 44, 24, F0, 0F, BA, FD, 1E, F9, C1, D1, 17, 46, C1, D0, 14, 11, F5, 11, F5, 23, 5C, 24, 10, 87, FB, C1, D8, 10, 46, 48, C1, FE, 02, C1, E5, 09, F9, C1, CB, 03, C1, FA, 02, 4F, 0F, BA, EA, 0C, FC, C1, D5, 13, C1, D7, 0B, C1, E5, 03, C1, D7, 10, 0F, BA, EE, 1D, 0B, 74, 24, F8, 81, DA, 80, 8A, 72, 16, 0B, 74, 24, 14... 
[+]

Code size:

547 KB (560,128 bytes)

Remove dars_muqaddas_o_rgan-o_rgat_tavsiyalari_asosida_matematika_fanidan_yozgan_bir_soatlik_dars_ishlanmas - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.