epidemiya - korolevstvo iz slez zaycev net.exe

LLC IT Management

The application epidemiya - korolevstvo iz slez zaycev net.exe by LLC IT Management has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
LLC IT Management  (signed and verified)

MD5:
8613b6fc68dc9a2de7a7d5d65a8bd77f

SHA-1:
6eae65fba6ee31d072f629022a9cf2fe76860b67

SHA-256:
1b82a7ead18369ac870729e301e873d1b199e218453e75bc6ab4d035cf63f895

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/19/2024 2:12:18 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ITManagement (M)

Engine version:
16.2.6.8

File size:
436.9 KB (447,368 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\epidemiya - korolevstvo iz slez zaycev net.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/2/2014 7:00:00 AM

Valid to:
6/3/2015 6:59:59 AM

Subject:
CN=LLC IT Management, O=LLC IT Management, STREET=Bagritskogo 51/2, L=Moscow, S=Moscovskaya oblast, PostalCode=121471, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2E9D66F88B13880A37872C17A2E17029

File PE Metadata
Compilation timestamp:
6/5/2014 4:16:38 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
15.29

CTPH (ssdeep):
6144:KcC3BdTolLyYSqlzjgAEXIxpeRx2GV7iBQj/ImiiWTqPAtX7OW:63BGSqFjCXSomo7SejPy/

Entry address:
0x3456

Entry point:
C1, C8, 0F, 0B, 74, 24, 10, FC, FC, 31, F9, 8B, 4C, 24, 14, 46, C1, E5, 0A, C1, C3, 1D, BD, 87, 90, 46, 6A, FC, 81, EF, 23, B6, CB, 83, C1, C2, 0A, C1, D2, 1C, 8B, 74, 24, F0, C1, C1, 05, C1, E0, 0B, C1, D1, 00, C1, E5, 11, 39, 54, 24, 10, 42, F7, 05, D4, 09, 43, 00, 3E, 7C, 65, 11, C1, E6, 05, 4F, 42, C1, D8, 0B, 87, CE, C1, E1, 15, FD, 33, 4C, 24, 08, C1, E2, 1A, FD, C1, C7, 09, 23, 4C, 24, 08, C1, E7, 1A, C1, CF, 0A, 81, E5, D0, 02, F7, D2, C1, C8, 0F, 29, FA, 39, 2D, 22, C5, 44, 00, FD, FC, 87, D1, BA...

Code size:
358 KB (366,592 bytes)