home

Determinan.exe

Determinan

agata

This is a setup program which is used to install the application. The file has been seen being downloaded from nyoman-agata.googlecode.com.
Publisher:
agata

Product:
Determinan

Version:
1.00

MD5:
3e8b572354e9e5d451eeebe809acb547

SHA-1:
cbd1d7e69eba837d6cc11d10297b4136b7163f74

SHA-256:
8d23cb3987f40ac047352a4a0a813b06e19fb0b8c0fc4c84a74b6d3f3a19071b

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
5/6/2024 6:34:30 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.StartPage
2.1.4+

Bkav FE
HW32.Packed
1.3.0.6379

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.16523

Trend Micro House Call
Suspicious_GEN.F47V0307
7.2.146

File size:
964 KB (987,136 bytes)

Product version:
1.00

Original file name:
Determinan.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\determinan.exe

File PE Metadata
Compilation timestamp:
4/11/2013 9:50:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:3XWqaK+iXX5EUr6nnvzhzLQ6kz4Bz70hhs3gogTrdhh:h+iXXesebd0rjE3g1/h

Entry address:
0x11A0

Entry point:
68, 54, BA, 4E, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, B9, 14, A1, 85, 6F, 2B, 87, 43, B0, CE, D6, 36, BD, 6F, 30, 75, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 19, 5E, D5, 2B, 4E, ED, 71, A9, 42, B5, 4F, 7C, DB, 8E, 8C, F5, DD, D5, C9, 4F, 23, 42, E5, 5B, 43, B3, EC, 51, A3, 5F, 74, ED, 08, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
952 KB (974,848 bytes)

The file Determinan.exe has been seen being distributed by the following URL.

http://nyoman-agata.googlecode.com/.../Determinan.exe

Scan Determinan.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.