» lame_v3.99.3_for_windows.exe
Overview
Analysis
File Details
Downloads (1)

lame_v3.99.3_for_windows.exe

LAME

The executable lame_v3.99.3_for_windows.exe, “LAME Setup ” has been detected as malware by 10 anti-virus scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. Infected by the Parite virus, a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives. The file has been seen being downloaded from lame.buanzo.org.

File name:

Product:

LAME

Description:

LAME Setup

MD5:

0819d3f457149dceb33a7348fa25b2c9

SHA-1:

72a35581dfe5227fae99109655cf49ecab0b6081

SHA-256:

b481dcac21e8c640f3ec07bc4c273b212082e1eb5a9849ce2a685f03306e2b31

Scanner detections:

10 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/25/2024 10:18:11 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Parite

160310-2

AVG

Win32/Parite

2015.0.4530

Dr.Web

Win32.Parite.2

9.0.1.05190

ESET NOD32

Win32/Parite.B virus

8.0.319.0

F-Prot

W32/Parite.B

4.6.5.141

Kaspersky

Virus.Win32.Parite

15.0.0.562

McAfee

Virus.W32/Pate.b

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.215.2627.0

Norman

Win32.Parite.B

29.02.2016 03:11:57

VIPRE Antivirus

Threat.46249

47432

File size:

689 KB (705,494 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\lame_v3.99.3_for_windows.exe

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:ynaYqcK7d2Sb8/iGpmTtcvS38LCJQBtdGs1rBLsWYusBj0t0kWxcp:yna5Jvb8/iGMxkS3rJQBtUkBgWHsyv

Entry address:

0x14000

Entry point:

90, B9, 34, 3F, 85, 00, 68, 1C, 40, 41, 00, 5A, BF, 98, 05, 00, 00, 90, 90, 31, 0C, 3A, 90, 90, 83, EF, 03, 4F, 90, 90, 75, F3, DC, 42, 84, 00, 34, 3F, 85, 00, 34, 3F, C5, 00, 74, A3, 85, 00, 0B, 33, 8D, 00, E2, 2C, 8D, 00, 34, 8F, 87, 00, CB, C0, 7A, FF, 80, EF, C5, 00, 50, ED, C5, 00, 48, ED, C5, 00, 34, 3F, 85, 00, 34, 3F, 85, 00, 34, 3F, 85, 00, 80, A3, 85, 00, 56, ED, 85, 00, 4E, ED, 85, 00, 34, 3F, 85, 00, 34, 3F, 85, 00, 34, 3F, 85, 00, 34, 3F, 85, 00, 28, EE, C5, 00, 34, 3F, 85, 00, 34, 3F, 85, 00... 
[+]

Code size:

37 KB (37,888 bytes)

The file lame_v3.99.3_for_windows.exe has been seen being distributed by the following URL.

http://lame.buanzo.org/Lame_v3.99.3_for_Windows.exe

Remove lame_v3.99.3_for_windows.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.