» deskproto_6_keygen_downloader.exe
Overview
Analysis
File Details

deskproto_6_keygen_downloader.exe

Spring Installer

Pro Adventure LTD comp.

The executable deskproto_6_keygen_downloader.exe has been detected as malware by 1 anti-virus scanner. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.

File name:

Publisher:

Factory Choco LLC (signed by Pro Adventure LTD comp.)

Product:

Spring Installer

Description:

Spring Files

Version:

1, 0, 1005, 1

MD5:

e139d18214129636e1ba0117543d705e

SHA-1:

eec9865676d5c9cf6398a4d6c1b3ffbb97752920

SHA-256:

d5ccb6918fb1259d02380bffe2ee179beaa899ba4623a563cfe763b6fcc1c4d0

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/26/2024 3:28:11 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

15.10.6.13

File size:

4.5 MB (4,725,312 bytes)

Product version:

2.0.0.1

Original file name:

springfiles.exe

File type:

Executable application (Win32 EXE)

Language:

English

Digital Signature

Signed by:

Pro Adventure LTD comp.

Authority:

Pro Adventure LTD comp.

Valid from:

9/30/2015 12:58:41 PM

Valid to:

9/29/2016 12:58:41 PM

Subject:

CN=Pro Adventure LTD, OU=Pro Adventure LTD, O=Pro Adventure LTD comp., S=London, C=UK

Issuer:

CN=Pro Adventure LTD, C=UK, S=London, L=London, E=admin@proadventure.com, OU=Pro Adventure LTD, O=Pro Adventure LTD comp.

Serial number:

100001

File PE Metadata

Compilation timestamp:

9/18/2015 1:40:03 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

98304:j/qK8TJYt4M8zPLCdZsHXb3ziTbDKiTM67UqMTQluRwo8tsQVeELv1S:WYmzTCY37UbDK4M6jMFwTtsQVn1S

Entry address:

0x9AC51B

Entry point:

68, 56, F6, A3, 2C, E8, 49, 46, BA, FF, 21, B7, EE, 77, 5F, 36, E5, 28, 10, 94, 8D, AB, 2E, AA, EA, 72, 79, 36, D0, 2E, 09, 83, B9, CE, 4D, 8B, 7D, F4, 85, E4, 2B, D1, F7, C3, 6E, 1A, 01, 37, 81, FF, 15, 02, 05, 4B, 2B, F1, 0F, BA, F9, 63, 66, 0F, AB, E1, 49, 8B, 4D, F8, 81, FC, F1, 2F, 51, 01, 66, 3B, FC, F5, 0F, B7, BC, 79, B0, 01, 00, 00, 81, FA, 00, 00, 00, 01, 0F, 83, 20, 00, 00, 00, 3B, 45, FC, 0F, 83, FC, 8E, FF, FF, 0F, B6, 08, 66, 3B, E0, F8, C1, E6, 08, C1, E2, 08, 0B, F1, 66, B9, 9E, 2F, 40, 89... 
[+]

Entropy:

7.9874 (probably packed)

Code size:

4.4 MB (4,634,624 bytes)

Remove deskproto_6_keygen_downloader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.