» mir452installer.exe
Overview
Analysis
File Details
Downloads (2)

mir452installer.exe

Multiple Image Resizer .NET 4.5.2

Acumen Business Systems Ltd

This is a self-extracting archive and installer. The file has been seen being downloaded from files.downloadnow.com and multiple other hosts.

File name:

mir452installer.exe

Publisher:

Acumen Business Systems Ltd (signed by Acumen Business Systems Ltd)

Product:

Multiple Image Resizer .NET 4.5.2

Description:

Multiple Image Resizer .NET 4.5.2 Installation

Version:

4.5.2.1

MD5:

c21ef17612aeb1faee963a4b47f4677a

SHA-1:

c0f4d0b69025266a3a2c4c3800ad761c272311db

SHA-256:

3d77942cb701d712558d66a274af71ad1267af31d8581dbc752e6bb41bd668ec

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/19/2024 10:26:31 AM UTC (today)

Scan engine

Detection

Engine version

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.8.9.0

Trend Micro House Call

Suspicious_GEN.F47V0414

7.2.148

VIPRE Antivirus

Trojan.Win32.Generic!SB.0

40586

File size:

11.5 MB (12,104,816 bytes)

Product version:

4.5.2.1, 0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\mir452installer.exe

Digital Signature

Signed by:

Acumen Business Systems Ltd

Authority:

COMODO CA Limited

Valid from:

9/13/2012 4:00:00 AM

Valid to:

9/14/2017 3:59:59 AM

Subject:

CN=Acumen Business Systems Ltd, O=Acumen Business Systems Ltd, STREET=16 The Boiler House, STREET=Electric Wharf, L=Coventry, S=West Midlands, PostalCode=CV1 4JU, C=GB

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D26E5DFA05493E5B93D70A74A2A1288D

File PE Metadata

Compilation timestamp:

11/29/2014 2:13:54 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:KmcQ0v/yrensNQpKv1xOCgwzoTKsTxD5hw9JTfeVZLUS54cmacK6dNH5R6Rvf7Hm:KmctsNQodjEKCJzw9lsUSbozkn7tPnc

Entry address:

0x1E290

Entry point:

E8, 6F, 31, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 78, 30, 43, 00, 89, 0D, 74, 30, 43, 00, 89, 15, 70, 30, 43, 00, 89, 1D, 6C, 30, 43, 00, 89, 35, 68, 30, 43, 00, 89, 3D, 64, 30, 43, 00, 66, 8C, 15, 90, 30, 43, 00, 66, 8C, 0D, 84, 30, 43, 00, 66, 8C, 1D, 60, 30, 43, 00, 66, 8C, 05, 5C, 30, 43, 00, 66, 8C, 25, 58, 30, 43, 00, 66, 8C, 2D, 54, 30, 43, 00, 9C, 8F, 05, 88, 30, 43, 00, 8B, 45, 00, A3, 7C, 30, 43, 00, 8B, 45, 04, A3, 80, 30, 43, 00, 8D, 45, 08, A3, 8C, 30, 43... 
[+]

Entropy:

7.9937 (probably packed)

Code size:

154.5 KB (158,208 bytes)

The file mir452installer.exe has been seen being distributed by the following 2 URLs.

http://files.downloadnow.com/s/software/14/24/11/.../Mir452Installer.exe

https://www.multipleimageresizer.net/download/.../Mir452Installer.exe

Scan mir452installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.