home

Installer.exe

Installer

Mike Santiago Inc

Publisher:
Mike Santiago Inc

Product:
Installer

Description:
SMBX Episode Manager Installer

Version:
1.0.1.0

MD5:
1478aa8240d0e36a17d199e62c22373d

SHA-1:
74f48b35c60b90ad9eb2f4fad0a90d6ea425ca60

SHA-256:
d09157aa87e2a19882415d85259981e885dae1c61b6b8b8ccb80fbe6b37705c4

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
7/5/2025 10:02:05 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clodd39.Trojan
1.3.0.6979

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.9.5.0

File size:
1.4 MB (1,512,960 bytes)

Product version:
1.0.1.0

Copyright:
Copyright © Mike Santiago Inc 2014

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
8/10/2014 1:36:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:95QQB5QQB5QQo3XVVVVgVVKgVYC4MdNTRkL0sd5QQ:pddGupdNTRkL9J

Entry address:
0x11835E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
2.1649

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.1 MB (1,139,712 bytes)

The file Installer.exe has been seen being distributed by the following URL.

http://mrmiketheripper.x10.mx/.../Installer.exe

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to www.softologic.com  (174.37.181.31:80)

TCP (HTTP SSL):
Connects to www.ibbalance.com  (173.192.190.227:443)

TCP (HTTP):
Connects to stats-182385724-1591972470.us-east-1.elb.amazonaws.com  (54.221.252.69:80)

Scan Installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.