gruppa 30 zaycev net 02 - primerom.exe

Onlain Sekyuriti Sistems, OOO

The application gruppa 30 zaycev net 02 - primerom.exe by Onlain Sekyuriti Sistems, OOO has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Onlain Sekyuriti Sistems, OOO  (signed and verified)

MD5:
8c79d9756af7e957397a2e4447468009

SHA-1:
aed75d8117cb117cbb744887bb0f14ce8b3f714b

SHA-256:
3f1080ca3cad5fe690cf9aa015d30a1986452f031d565be3ace35083c1011ca7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 9:17:16 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.OnlainSekyuritiSistems (M)

Engine version:
16.2.5.18

File size:
516.4 KB (528,800 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\gruppa 30 zaycev net 02 - primerom.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/26/2014 3:00:00 AM

Valid to:
3/27/2015 2:59:59 AM

Subject:
CN="Onlain Sekyuriti Sistems, OOO", O="Onlain Sekyuriti Sistems, OOO", STREET="12 Komn 42, ul.Vrubelya", L=Moscow, S=Moscow region, PostalCode=125080, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
38AA823949978CC988A90C3D6FDCCF0F

File PE Metadata
Compilation timestamp:
4/19/2014 2:57:37 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
29.1

CTPH (ssdeep):
12288:VWkYwLDhsDGPnqro+vyzDXZAYkJYBi1+Is4:VWkrLDhsDGPqEsyBkJD+l4

Entry address:
0x7597

Entry point:
11, FA, 33, 7C, 24, FC, 81, 3C, 24, C6, 75, 13, 55, C1, E5, 0D, C1, F8, 0B, C1, DB, 16, 87, E9, 2D, 3A, 26, 18, AB, 1B, 4C, 24, 04, C1, D1, 09, 81, F1, 6B, D8, F6, 69, FD, 42, F7, D1, 11, DD, 29, F8, 46, 01, F9, 90, 11, F9, C1, DA, 09, C1, D9, 07, C1, DA, 02, F7, 44, 24, FC, 6B, 6D, C8, F1, C1, EA, 0C, C1, F9, 06, FC, 31, E9, 19, D6, F7, 44, 24, 04, 57, DF, 98, A7, 81, E5, B4, 9C, 1E, 99, 03, 7C, 24, 10, F7, D0, 39, 54, 24, FC, 49, 87, FB, C1, E1, 12, FD, 2B, 1C, 24, F5, C1, CD, 16, 81, CE, EB, 2A, CF, 4D...
 

Code size:
382.5 KB (391,680 bytes)
