intel-chipset-win8-7-server-2012-2008-2003-vista-xp-32-64bit-13.exe

7-Zip

Igor Pavlov

The executable intel-chipset-win8-7-server-2012-2008-2003-vista-xp-32-64bit-13.exe has been detected as malware by 6 anti-virus scanners. The program is a setup application that uses the 7z Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from ns3.findlaptopdriver.com.
Publisher:
Igor Pavlov

Product:
7-Zip

Description:
7z SFX

Version:
9.22 beta

MD5:
68f04f6dfac77cf6ca4cde561c606341

SHA-1:
baee87bd5ee433f82d042080cf1c6326738d252e

SHA-256:
e719f345dee9b0b779fa01937566fc79ce2e5da3a60806c731ec7087fb6299bd

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
4/26/2024 3:34:46 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Parite | 160119-0 |
| Dr.Web | Win32.Parite.2 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Parite | 16.02.04 |
| ESET NOD32 | Win32/Parite.B virus | 7.0.302.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.5308.0 |
| VIPRE Antivirus | Threat.46249 | 46904 |

File size:
4.3 MB (4,530,136 bytes)

Product version:
9.22 beta

Copyright:
Copyright (c) 1999-2011 Igor Pavlov

Original file name:
7z.sfx.exe

File type:
Executable application (Win32 EXE)

Installer:
7z Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\intel-chipset-win8-7-server-2012-2008-2003-vista-xp-32-64bit-13.exe

File PE Metadata
Compilation timestamp:
4/19/2011 1:54:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:j7Oknq+5uUwP47yFeNMGWUM6gybNuNsDLtHD+2edW2gpf:j7OThUww7wHdybseDp7zB

Entry address:
0x2E000

Entry point:
BB, 45, DD, 3E, 00, 90, BF, 1E, E0, 42, 00, 68, 98, 05, 00, 00, 5A, 90, 31, 1C, 3A, 90, 90, 83, EA, 03, 4A, 90, 90, 75, F3, 90, 90, 90, AD, A0, 3F, 00, 45, DD, 3E, 00, 45, DD, 7E, 00, 37, 0D, 3F, 00, 75, B4, 7C, 00, 9D, B2, 7C, 00, 45, 6D, 3C, 00, 44, DD, 3E, 00, 45, DD, 7C, 00, B7, 84, 7C, 00, 9B, 84, 7C, 00, AD, 9D, 3C, 00, B5, 84, 3C, 00, 99, 84, 3C, 00, 45, 2F, 3F, 00, B5, 84, 3C, 00, 99, 84, 3C, 00, 45, DD, 3E, 00, 45, DD, 3E, 00, 45, DD, 3E, 00, 45, DD, 3E, 00, 29, DD, 7C, 00, 45, DD, 3E, 00, 45, DD...
 

Entropy:
7.9919  (probably packed)

Code size:
123.5 KB (126,464 bytes)

The file intel-chipset-win8-7-server-2012-2008-2003-vista-xp-32-64bit-13.exe has been seen being distributed by the following URL.