installer.exe

The executable installer.exe has been detected as malware by 3 anti-virus scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.laboratorymegachuckle.com.
MD5:
c3f8512b595990da5b23769482e47e73

SHA-1:
792789721254079c644bc41ece175c13714d2a48

SHA-256:
005d4ad01ca56d914d771eb847c371db3287c4e62a7884613c86fba8c6400e99

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/26/2024 10:21:20 PM UTC

Scan engine | Detection | Engine version
Emsisoft Anti-Malware | Gen:Variant.Application.Bundler.71 | 10.0.0.5366
F-Secure | Variant.Application.Bundler | 5.15.21
Norman | Gen:Variant.Application.Bundler.71 | 14.01.2016 17:09:34

File size:
372 KB (380,928 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
1/16/2016 2:34:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:deLzKNFKf1gYu8RyYJ5135trtcQ2/LVx2aDb8/cXWgUza8VIjH:ISqf4IpjrszVtDw/FgodIj

Entry address:
0x50B69

Entry point:
6A, 60, 68, 80, 71, 45, 00, E8, 33, 15, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 7F, 16, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 28, 70, 45, 00, 8B, 4E, 10, 89, 0D, 38, 9C, 45, 00, 8B, 46, 04, A3, 44, 9C, 45, 00, 8B, 56, 08, 89, 15, 48, 9C, 45, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 3C, 9C, 45, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 3C, 9C, 45, 00, C1, E0, 08, 03, C2, A3, 40, 9C, 45, 00, 33, F6, 56, 8B, 3D, 1C, 70, 45, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 

Entropy:
6.8491

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
344 KB (352,256 bytes)

The file installer.exe has been seen being distributed by the following URL.
