installer.exe

The executable installer.exe has been detected as malware by 3 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.cyclequickhead.com.
MD5:
70733a0d0ddfbf2204dcfa234e5ad8a3

SHA-1:
2890101d0537229de2448db46d94fc10dee0abe1

SHA-256:
63ead822b77d5fce393def025e3853a7a345ac07b9dbb0d46cee1b5fb5ef68c9

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
5/7/2024 5:59:50 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Emsisoft Anti-Malware | Gen:Variant.Mikey.30271 | 10.0.0.5366 |
| F-Secure | Variant.Application.Bundler | 5.15.21 |
| Norman | Gen:Variant.Application.Bundler.71 | 11.01.2016 17:30:26 |

File size:
504 KB (516,096 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
1/16/2016 5:51:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
12288:1u6/g6RVaHT5grq6GQNfxLVe12RyrhUnUEOpr24Ek6arF8xXbxDPy:weHVGGfxJe8UJEp7w6Y

Entry address:
0x72B69

Entry point:
6A, 60, 68, 80, 91, 47, 00, E8, 33, 15, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 7F, 16, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 28, 90, 47, 00, 8B, 4E, 10, 89, 0D, 38, BC, 47, 00, 8B, 46, 04, A3, 44, BC, 47, 00, 8B, 56, 08, 89, 15, 48, BC, 47, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 3C, BC, 47, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 3C, BC, 47, 00, C1, E0, 08, 03, C2, A3, 40, BC, 47, 00, 33, F6, 56, 8B, 3D, 1C, 90, 47, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
480 KB (491,520 bytes)

The file installer.exe has been seen being distributed by the following URL.
