home

instalador.exe

GHUNTER INTERNET LTDA - ME

Publisher:
GHUNTER INTERNET LTDA - ME  (signed and verified)

Version:
1.0.1.2

MD5:
16c53ccc30434d5c74bdc409ea9bab1b

SHA-1:
8515e7d3f9179a7779c4b592d57cd2dd50cf599c

SHA-256:
a283e9f462df2036a1a50377c6827a0361f19daaa40161939e973a8045916e71

Scanner detections:
4 / 68

Status:
Clean  (4 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 11:42:17 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Downloader.Agent (variant)
9.8412

Malwarebytes
Trojan.Downloader.Agent
v2015.07.24.04

Panda Antivirus
Suspicious file
15.07.24.04

Trend Micro House Call
TROJ_GEN.F47V0527
7.2.205

File size:
4.7 MB (4,979,736 bytes)

Product version:
1.0

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\appdata\local\temp\instalador.exe

Digital Signature
Signed by:
GHUNTER INTERNET LTDA - ME

Authority:
GoDaddy.com, Inc.

Valid from:
2/13/2013 5:00:19 PM

Valid to:
2/13/2014 5:00:19 PM

Subject:
CN=GHUNTER INTERNET LTDA - ME, O=GHUNTER INTERNET LTDA - ME, L=BIGUAÇU, S=SANTA CATARINA, C=BR

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
043CCB61E0A8D9

File PE Metadata
Compilation timestamp:
5/17/2013 1:20:18 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:OQuHE3gkcSmp9p1s/TiAPBuKtw6FgmanLOSUw5rVTOT4YuwddxRJJZq/4h:O7E3ghpi/miTgmanLOSUXJZI4h

Entry address:
0x27FE14

Entry point:
55, 8B, EC, 83, C4, F0, B8, F0, 06, 67, 00, E8, 74, AD, D8, FF, A1, C4, 10, 69, 00, 8B, 00, E8, 28, 7E, E5, FF, A1, C4, 10, 69, 00, 8B, 00, 33, D2, E8, 32, 9A, E5, FF, 8B, 0D, C8, 0A, 69, 00, A1, C4, 10, 69, 00, 8B, 00, 8B, 15, 04, E0, 66, 00, E8, 1A, 7E, E5, FF, A1, C4, 10, 69, 00, 8B, 00, E8, 5E, 7F, E5, FF, E8, 09, 65, D8, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 MB (2,614,272 bytes)

Scan instalador.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.