home

freeav.exe

Panda Security SelfExtrator

Panda Security, S.L.

This is a setup program which is used to install the application. The file has been seen being downloaded from acs.pandasoftware.com.
Publisher:
Panda Security, S.L.

Product:
Panda Security SelfExtrator

Description:
Panda Security SFX

Version:
15.14.2.0

MD5:
0300c428a98d5bde3a2a7a2141be9c1f

SHA-1:
e250bc4dbe78c08ceb09ceec55a7209ea762fe42

SHA-256:
a0c6cb1c35151748295e7ba3ae0af041a4fda4530fbebcf65be63f73b0f746e5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 3:48:34 AM UTC  (today)

File size:
4.2 MB (4,369,224 bytes)

Product version:
15.14

Copyright:
© Panda 2016

Original file name:
7zS.sfx.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\freeav.exe

File PE Metadata
Compilation timestamp:
2/19/2016 9:40:08 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:TGm2dULL+N4Mb8Fv5VtqZfEcp2qtLOvCxgwsNK7D2wnKr/Lot:TGm2dsYtbUv9cpjWgVsWD2wKr/Q

Entry address:
0x19782

Entry point:
E8, 11, 3B, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 38, 77, 42, 00, E8, 24, FC, FF, FF, 6A, 0E, E8, DB, 1D, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 9C, A9, 42, 00, BA, 98, A9, 42, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 29, F6, FF, FF, 59, FF, 76, 04, E8, 20, F6, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 13, FC, FF, FF, C3, 8B, D0, EB, C5, 6A, 0E, E8, A6, 1C, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 81...
 
[+]

Entropy:
7.8522  (probably packed)

Code size:
127 KB (130,048 bytes)

The file freeav.exe has been seen being distributed by the following URL.

http://acs.pandasoftware.com/Panda2016/FREEAV/.../FREEAV.exe

Scan freeav.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.