» installimvu_471.0_st_c.exe
Overview
Analysis
File Details
Programs (1)
Downloads (1)

installimvu_471.0_st_c.exe

IMVU

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from static-akm.imvu.com.

File name:

Publisher:

IMVU (signed and verified)

MD5:

dddd681683f20cdc56bf00962788cec4

SHA-1:

f51b98cd5e4cd21dfc5d163c4b96a35b099d0e63

SHA-256:

0272776e20ba0b471c5f8b6d7b3e68aa13aabd0c86b29beed9f11ba6430c765f

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 11:04:18 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.24.3

File size:

76.6 KB (78,480 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\installimvu_471.0_st_c.exe

Digital Signature

Signed by:

IMVU

Authority:

VeriSign, Inc.

Valid from:

2/15/2012 7:00:00 PM

Valid to:

4/1/2015 7:59:59 PM

Subject:

CN=IMVU, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IMVU, L=Palo Alto, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

347B78CDF0BC7E2A47105EC2A65FCCD9

File PE Metadata

Compilation timestamp:

12/5/2009 5:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1536:WLXB65939tY6HBg4sXJjBs8na3lm/PFBib9n:WLk395hYXJ9zZ3

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

6.9706

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file installimvu_471.0_st_c.exe has been discovered within the following program.

BitTorrent by BitTorrent Inc.

BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.

www.bittorrent.com

7% remove it

The file installimvu_471.0_st_c.exe has been seen being distributed by the following URL.

http://static-akm.imvu.com/imvufiles/.../InstallIMVU_471.0_st_c.exe

Scan installimvu_471.0_st_c.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.