drvinstaller_ia64.exe

ALL WINNER (HONG KONG) LIMITED

The executable drvinstaller_ia64.exe has been detected as malware by 11 anti-virus scanners.
Publisher:
ALL WINNER (HONG KONG) LIMITED  (signed and verified)

MD5:
458503254980fe81fc820c8c6259de3a

SHA-1:
0f4fac5f4aa2bc8a10176f5542029586f6bf02e2

SHA-256:
452b16e7a80f55aff18bfb263275cd67dc5bd0d2c8342886af967d31f99b9906

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
4/26/2024 8:29:57 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Win32.SlugIn.A.Dam | 5813612 |
| avast! | Win32:Patched-HO [Trj] | 160118-1 |
| AVG | Win32/Slugin.A | 2015.0.4489 |
| Clam AntiVirus | Trojan.Spy-59563 | 0.98/21287 |
| Dr.Web | Trojan.MulDrop3.48024 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.SlugIn.A.Dam | 10.0.0.5366 |
| F-Prot | W32/Slugin.A.gen!Eldorado (generic, damaged, not disinfectable) | 4.6.5.141 |
| F-Secure | Win32.SlugIn.A.Dam | 5.15.21 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.3699.0 |
| Norman | Win32.SlugIn.A.Dam | 11.01.2016 17:30:26 |
| VIPRE Antivirus | Threat.4314869 | 46444 |

File size:
142.8 KB (146,267 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\new folder\livesuitpack_v1.09\livesuit\drvinstaller_ia64.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/20/2010 7:00:00 AM

Valid to:
8/21/2011 6:59:59 AM

Subject:
CN=ALL WINNER (HONG KONG) LIMITED, OU=System Design, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ALL WINNER (HONG KONG) LIMITED, L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
682215EFB7B2DC6C70247E613135F4EA

File PE Metadata
Compilation timestamp:
7/26/2010 2:28:11 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
3072:vFTkPNCR3+FFiRhYZ4z1sxtbjIUWnoRzM:vyTFFiQZ4zytbLw

Entry address:
0xA430

Entry point:
A0, 7A, 40, 00, 00, 00, 00, 00, 00, 00, 61, 00, 00, 00, 00, 00, A0, 7E, 40, 00, 00, 00, 00, 00, 00, 00, 61, 00, 00, 00, 00, 00, 40, 7F, 40, 00, 00, 00, 00, 00, 00, 00, 61, 00, 00, 00, 00, 00, 30, 21, 00, 00, 00, 00, 00, 00, 50, 21, 00, 00, FF, FF, FF, FF, B0, 21, 00, 00, 01, 00, 00, 00, D0, 21, 00, 00, FF, FF, FF, FF, 20, 80, 00, 00, 00, 00, 00, 00, 03, 00, 00, 00, 02, 00, 00, 00, 0D, E6, 00, B1, 23, E4, 01, B0, A2, E0, 02, 07, 28, 81, C0, 03, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Code size:
31 KB (31,744 bytes)
