home

fileviewpro+1.5.0.0+with_10924_i86664541_il345.exe

KASHTAN OOO

The executable fileviewpro+1.5.0.0+with_10924_i86664541_il345.exe, “TalkMail Setup ” has been detected as malware by 1 anti-virus scanner. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
Digital Services of South Florida, Inc.   (signed by KASHTAN OOO)

Description:
TalkMail Setup

MD5:
3f6c612a9248f2c33e0d1da97ae3d231

SHA-1:
e090525b3f535edc5502d030aea3af48aee9c63f

SHA-256:
bcaf7a7856736c63d573ef51fa9adcc0d8667fb8d3be7dc2be8340ab6676a6e6

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/15/2024 4:44:12 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.14.3

File size:
3.3 MB (3,433,360 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\fileviewpro+1.5.0.0+with_10924_i86664541_il345.exe

Digital Signature
Signed by:
KASHTAN OOO

Authority:
Thawte, Inc.

Valid from:
7/5/2015 2:00:00 AM

Valid to:
5/22/2016 1:59:59 AM

Subject:
CN=KASHTAN OOO, O=KASHTAN OOO, L=Naberezhnye Chelny, S=Tatarstan republic, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
468BE39F7FCABE2D4D2D070862DD916B

File PE Metadata
Compilation timestamp:
11/18/2015 8:32:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x31D1D3

Entry point:
68, A7, 5B, D0, 02, E8, F0, D2, FF, FF, 59, AD, 1C, EA, 03, B9, E7, E8, 72, 74, 76, 78, EF, 3E, CB, F9, BD, 11, D4, 8E, CC, 55, E1, C7, 5D, EF, C1, 08, 35, 57, 7D, 15, 1F, B1, AF, 9D, B6, E9, 70, 85, 17, C9, E5, CB, D0, E2, DD, 17, DA, 9A, 60, 75, 1E, 38, 44, F6, E1, EE, 57, 82, 8E, 77, 8F, 12, 51, 63, 24, E0, BA, A3, 9A, CC, 17, CD, 10, 96, 8E, A1, 7B, 2B, 64, 17, BE, 24, BB, 6D, 57, 88, 22, 03, 92, F9, 8C, BE, AD, 60, DA, B2, C8, A5, 7B, E6, 39, A3, 4C, 69, 37, 92, 51, 78, 9B, 2F, 96, F4, FF, 9F, FD, 72...
 
[+]

Entropy:
7.6260

Code size:
2.9 MB (2,992,640 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.