» free 360 degree appraisals form template in msword format.exe
Overview
Analysis
File Details

free 360 degree appraisals form template in msword format.exe

Avi Podavsky

The application free 360 degree appraisals form template in msword format.exe, “Installer for QuickSet” by Avi Podavsky has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Tarma Installer installer.

File name:

Publisher:

QuickSet (signed by Avi Podavsky)

Product:

QuickSet

Description:

Installer for QuickSet

Version:

2013.11.20.1837

MD5:

e6dccaa4a3ee05a9a0996d402e7652a7

SHA-1:

785560b4d5e36c0d4b0f70ea380890fbefd47e64

SHA-256:

d990228ba9f2a0e7e14f75e2a4be31e551b19ab7e69475e37cbeabc8d9a279d7

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses Web-Pick's 'File Product', an Installer which wraps various products and downloads and installs it silently through the process, hosted on TusFiles.

Analysis date:

4/24/2024 3:53:05 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware (M)

17.3.3.8

File size:

303.6 KB (310,912 bytes)

Product version:

1.0.0.1

Original file name:

TSULoader.exe

File type:

Executable application (Win32 EXE)

Installer:

Tarma Installer

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\free 360 degree appraisals form template in msword format.exe

Digital Signature

Signed by:

Avi Podavsky

Authority:

COMODO CA Limited

Valid from:

12/19/2012 5:00:00 AM

Valid to:

12/20/2013 4:59:59 AM

Subject:

CN=Avi Podavsky, O=Avi Podavsky, STREET=Rabina 8, L=Tel Aviv, S=Tel Aviv, PostalCode=69395, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

5D3DDFA793E1D90EDC661CF311773BF6

File PE Metadata

Compilation timestamp:

3/12/2013 1:51:45 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x14DB

Entry point:

55, 8B, EC, 81, EC, 2C, 06, 00, 00, 53, 56, 33, DB, 57, 66, 89, 9D, DC, FB, FF, FF, 89, 5D, F4, 89, 5D, FC, FF, 15, 74, 30, 40, 00, A3, 08, 44, 40, 00, FF, 15, 70, 30, 40, 00, 8B, F8, 8D, 45, EC, 50, FF, 15, 6C, 30, 40, 00, FF, 15, 68, 30, 40, 00, 8B, F0, F7, D6, 33, F7, FF, 15, 64, 30, 40, 00, 33, F0, 8B, 45, F0, 33, 45, EC, 68, 04, 01, 00, 00, 33, F0, 8D, 85, D4, F9, FF, FF, 50, 53, FF, 15, 60, 30, 40, 00, 85, C0, 75, 41, FF, 15, 5C, 30, 40, 00, 83, F8, 78, 75, 1A, 68, A8, 32, 40, 00, E8, 43, FB, FF, FF... 
[+]

Entropy:

7.9570

Developed / compiled with:

Microsoft Visual C++

Code size:

7.5 KB (7,680 bytes)

Remove free 360 degree appraisals form template in msword format.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.