» diabloexv7.exe
Overview
Analysis
File Details

diabloexv7.exe

Media Labs Limited

The application diabloexv7.exe by Media Labs Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

diabloexv7.exe

Publisher:

Media Labs Ltd (signed by Media Labs Limited)

Version:

0.3.0.31

MD5:

a48780c78beb0abbf5ad9653b0e35825

SHA-1:

1e1fd450a4f699e9f6f280dbac1d872885809c03

SHA-256:

72be5d2f85c95f7b4968b3e7b8eda93850bff3dc058e9e9f5139e1654f043fb3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/26/2024 12:09:47 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Media Labs (M)

17.3.11.13

File size:

619.3 KB (634,128 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\diabloexv7.exe

Digital Signature

Signed by:

Media Labs Limited

Authority:

COMODO CA Limited

Valid from:

6/8/2011 3:00:00 AM

Valid to:

6/8/2012 2:59:59 AM

Subject:

CN=Media Labs Limited, O=Media Labs Limited, STREET="Varshavskoe ave, 33", STREET=n/a, L=Moscow, S=Moscow, PostalCode=117105, C=RU

Issuer:

CN=COMODO Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00869C6D1E264531AEA0DA8E35F0BCEDC0

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x197631

Entry point:

E8, F7, FE, FF, FF, 05, 93, 15, 00, 00, FF, E0, E8, EB, FE, FF, FF, 05, AD, 09, 00, 00, FF, E0, E8, 04, 00, 00, 00, FF, FF, FF, FF, 5E, C3, 00, 88, C1, 7D, 3A, B0, 3E, B2, 4C, FF, 12, 96, 87, B8, 93, 7A, 5C, 41, 5C, 33, 79, A5, FE, F8, F1, AB, 74, 6D, 1B, 05, 94, B1, 73, C3, B3, D9, 70, 41, 09, D6, F8, 02, E4, B1, 27, FB, 54, 0B, 36, DF, AB, 06, 33, 28, E0, F2, 37, 96, 80, 5A, AD, FB, 2E, E6, 73, E5, 96, 39, CD, 1F, EE, 19, EE, 42, 29, A3, E8, 6B, 46, 7A, D4, 1F, D7, 7C, 8A, CA, AD, E1, C4, C5, 95, 83, 93... 
[+]

Packer / compiler:

EXECryptor 2.2.4

Code size:

546 KB (559,104 bytes)

Remove diabloexv7.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.