home

master karaoke_ hity 80-h, chast' 1 (versiya 4) - 2009, dvd9.exe

OOO Soft-Media

The application master karaoke_ hity 80-h, chast' 1 (versiya 4) - 2009, dvd9.exe by OOO Soft-Media has been detected as adware by 15 anti-malware scanners.
Publisher:
OOO Soft-Media  (signed and verified)

MD5:
69e21633df75da6bff79b31953d4bab7

SHA-1:
b5cdfe9e8c22422593ff4a14de38d3895f97444d

SHA-256:
966abd9ee33c2b58cdbf79d589ab236adf28e9d4df1c57f2349a55c5625c899c

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
5/4/2024 1:14:13 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Rogue.11249737
7.11.164.206

avast!
Win32:Webalta-M [PUP]
140617-1

AVG
Win.Threat.Medium
2014.0.3986

Comodo Security
Application.Win32.Agent.WEFF
19039

ESET NOD32
Win32/AdWare.Toolbar.Webalta.FJ application
7.0.302.0

F-Prot
W32/A-b27892c0
v6.4.7.1.166

K7 AntiVirus
Adware
13.182.12911

Kaspersky
not-a-virus:HEUR:Downloader.Win32.LMN
15.0.0.494

McAfee
PUP-FIT
5600.7052

NANO AntiVirus
Trojan.Win32.LMN.cyovev
0.28.2.61148

Panda Antivirus
Trj/Genetic.gen
14.07.31.04

Reason Heuristics
PUP.OOOSoftMedia.HH
14.7.31.23

Sophos
WebAlta Toolbar
4.98

Vba32 AntiVirus
Signed-Downware.InstallMonstr
3.12.26.3

VIPRE Antivirus
Threat.4150696
31208

File size:
2 MB (2,126,736 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\master karaoke_ hity 80-h, chast' 1 (versiya 4) - 2009, dvd9.exe

Digital Signature
Signed by:
OOO Soft-Media

Authority:
COMODO CA Limited

Valid from:
10/16/2013 4:00:00 AM

Valid to:
10/17/2014 3:59:59 AM

Subject:
CN=OOO Soft-Media, O=OOO Soft-Media, STREET="Sovetskaya Ulitsa, 142", L=Irkutsk Gorod, S=Moscow, PostalCode=664009, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EF2A3EF42C4224E0B9C35ACC1217B079

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:20te51DtC0jRku6fBcEWZAvAKlS/ROs2BXqJ:20tW1DtzjReWZyhXK

Entry address:
0xA2390

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 21, 4A, 00, E8, 04, 47, F6, FF, A1, 2C, 5A, 4A, 00, 8B, 00, E8, F0, 5A, FB, FF, 8B, 0D, 44, 57, 4A, 00, A1, 2C, 5A, 4A, 00, 8B, 00, 8B, 15, 68, D4, 46, 00, E8, F0, 5A, FB, FF, 8B, 0D, 14, 57, 4A, 00, A1, 2C, 5A, 4A, 00, 8B, 00, 8B, 15, FC, D1, 46, 00, E8, D8, 5A, FB, FF, 8B, 0D, C8, 5A, 4A, 00, A1, 2C, 5A, 4A, 00, 8B, 00, 8B, 15, 1C, 1F, 4A, 00, E8, C0, 5A, FB, FF, A1, 2C, 5A, 4A, 00, 8B, 00, E8, 34, 5B, FB, FF, E8, 57, 20, F6, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
645.5 KB (660,992 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.