home

drweb_avdesk_installer.exe

Dr.Web AV-Desk

Doctor Web, Ltd.

This is a self-extracting archive and installer. The file has been seen being downloaded from avdesk1.enaza.ru.
Publisher:
Doctor Web, Ltd.

Product:
Dr.Web AV-Desk

Description:
Dr.Web AV-Desk Installer

Version:
10.00.1.201507310

MD5:
2d390fbf9b2b6c0e692a9153b2ab06ed

SHA-1:
d6021ebf541522858582e777bb12f54bd8280faf

SHA-256:
c905d27793132139c912028313a7c3bba27bc8d70ffb5585196faf82ed9a002e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/14/2025 9:17:11 AM UTC  (today)

File size:
10.8 MB (11,359,247 bytes)

Product version:
10.00.1.201507310

Copyright:
Copyright (c) Doctor Web, Ltd., 1992-2015

Trademarks:
Dr.Web(R)

Original file name:
avdinst.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\drweb_avdesk_installer.exe

File PE Metadata
Compilation timestamp:
7/31/2015 9:06:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:cjJJ85BLLydy1j8Li2EQX4hTYZYw1A4KZdmJpigMZGqx/0e+7zVJsfSI0fXpBinZ:cNJ8XSdLLixQoSZN1zOmhJ8/bq9iZ

Entry address:
0xFA60

Entry point:
E8, 66, 9A, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 75, 14, E8, 21, 31, 00, 00, C7, 00, 16, 00, 00, 00, E8, CD, 58, 00, 00, 33, C0, 5D, C3, 8B, 40, 0C, 83, E0, 20, 5D, C3, 6A, 0C, 68, 58, 18, 43, 00, E8, 64, 55, 00, 00, 83, 65, E4, 00, 33, C0, 8B, 7D, 08, 85, FF, 0F, 95, C0, 85, C0, 75, 14, E8, E7, 30, 00, 00, C7, 00, 16, 00, 00, 00, E8, 93, 58, 00, 00, 33, C0, EB, 7E, 33, C0, 8B, 5D, 0C, 85, DB, 0F, 95, C0, 85, C0, 74, DE, 33, C0, 38, 03, 0F, 95, C0, 85, C0, 74, D3, E8, 71, 9B, 00, 00...
 
[+]

Code size:
147 KB (150,528 bytes)

The file drweb_avdesk_installer.exe has been seen being distributed by the following URL.

http://avdesk1.enaza.ru:9080/.../download.ds?os=windows&id=c49005b7-eb7b-4fec-93d8-7fd484ee7164

Scan drweb_avdesk_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.