home

drweb_avdesk_installer.exe

Dr.Web AV-Desk

Doctor Web, Ltd.

This is a setup and installation application. The file has been seen being downloaded from av-desk.is74.ru.
Publisher:
Doctor Web, Ltd.

Product:
Dr.Web AV-Desk

Description:
Dr.Web AV-Desk Installer

Version:
10.00.1.201507310

MD5:
9fb108a948c7cc156bd5fb2a9c6aa241

SHA-1:
b15a1e2b24ab74030547be27cf085c7e75227ff1

SHA-256:
e56389630ed5c6301e3a7e7f740b28597c6eb753164ae276c562d708dcfb9876

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 12:51:08 PM UTC  (today)

File size:
10.8 MB (11,359,242 bytes)

Product version:
10.00.1.201507310

Copyright:
Copyright (c) Doctor Web, Ltd., 1992-2015

Trademarks:
Dr.Web(R)

Original file name:
avdinst.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\drweb_avdesk_installer.exe

File PE Metadata
Compilation timestamp:
7/31/2015 11:06:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:ciJJ85BLLydy1j8Li2EQX4hTYZYw1A4KZdmJpigMZGqx/0e+7zVJsfSI0fXpBin3:cIJ8XSdLLixQoSZN1zOmhJ8/bq9i3

Entry address:
0xFA60

Entry point:
E8, 66, 9A, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 75, 14, E8, 21, 31, 00, 00, C7, 00, 16, 00, 00, 00, E8, CD, 58, 00, 00, 33, C0, 5D, C3, 8B, 40, 0C, 83, E0, 20, 5D, C3, 6A, 0C, 68, 58, 18, 43, 00, E8, 64, 55, 00, 00, 83, 65, E4, 00, 33, C0, 8B, 7D, 08, 85, FF, 0F, 95, C0, 85, C0, 75, 14, E8, E7, 30, 00, 00, C7, 00, 16, 00, 00, 00, E8, 93, 58, 00, 00, 33, C0, EB, 7E, 33, C0, 8B, 5D, 0C, 85, DB, 0F, 95, C0, 85, C0, 74, DE, 33, C0, 38, 03, 0F, 95, C0, 85, C0, 74, D3, E8, 71, 9B, 00, 00...
 
[+]

Code size:
147 KB (150,528 bytes)

The file drweb_avdesk_installer.exe has been seen being distributed by the following URL.

http://av-desk.is74.ru:9080/.../download.ds?id=5a431db6-02ae-e111-b6fd-ad043ad3ce54

Scan drweb_avdesk_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.