home

downloader_3.exe

Runner Utility

LLC Arctic West

The executable downloader_3.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Dummy, Ltd.  (signed by LLC Arctic West)

Product:
Runner Utility

Version:
1.0.0.188

MD5:
b17a5bd96d9082bd0283ab0fb332bd30

SHA-1:
b7ca7db4dfe91c6155b140be71f7603e0aa19039

SHA-256:
928d267a86aa5746d4b882b8883464c9effee3372d7a71f1f7fe4f32f585dada

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/14/2024 9:04:30 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.20.20

File size:
1.2 MB (1,307,136 bytes)

Product version:
1.0.0.188

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\downloader_3.exe

Digital Signature
Signed by:
LLC Arctic West

Authority:
COMODO CA Limited

Valid from:
8/25/2015 12:00:00 AM

Valid to:
8/24/2016 11:59:59 PM

Subject:
CN=LLC Arctic West, O=LLC Arctic West, STREET=Lviv highway 1, L=Mikolaiv, S=Lvovskaja, PostalCode=81600, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
416057CF015B4832DC973BA203AAB312

File PE Metadata
Compilation timestamp:
8/27/2015 8:53:10 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1B8862

Entry point:
68, 9A, AD, E3, D5, E8, 17, 23, FD, FF, 09, 9F, 2C, 16, 3F, 73, 55, 66, FD, 72, 26, 8A, 46, 56, 9E, F0, B8, 7D, B6, 14, 46, 0E, 1E, F1, 5A, 2A, DA, 66, D2, A3, FB, A1, 5F, 56, 8B, FD, 0C, 71, 55, 54, 0A, 63, B9, 85, BF, F9, 1D, B3, D2, A0, C8, 37, BB, FA, 87, EF, 9C, 4F, C9, AB, F9, FF, 93, 31, E3, A9, C8, 10, D9, 82, B9, B3, 8A, 5E, 5F, 6C, EA, 3E, 43, 9E, 0A, 9B, E6, DA, 52, 70, 2E, 39, 1F, B1, AD, AE, C4, 0A, 9C, F6, CE, A2, 0F, C8, 9C, 8A, E2, FF, 9C, A6, C6, 80, A3, 71, E5, 45, 1B, EC, 94, B1, 61, 2B...
 
[+]

Code size:
1.2 MB (1,295,872 bytes)

Remove downloader_3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.