Movier.exe

Movier

Publisher:
Movier

Product:
Movier

Version:
1.1.3.0

MD5:
baa7ca32e00f4332fb3c8c8c17d03ede

SHA-1:
18f87c8823dcb82eeccf18ac7eb91d14899eab74

SHA-256:
da327d2fc34faa7c52b51bc37460d6fb95a4d90c78db71650d72f5b5534fab91

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/19/2024 5:29:49 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Emsisoft Anti-Malware | GenPack:Trojan.Downloader.Banker.BS | 8.14.02.20.06 |
| Trend Micro House Call | TROJ_GEN.F47V0806 | 7.2.51 |

File size:
1.3 MB (1,354,240 bytes)

Product version:
1.1.3.0

Copyright:
Copyright © Movier 2008

Original file name:
Movier.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\movier\movier.exe

File PE Metadata
Compilation timestamp:
8/3/2013 6:47:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:A1Y5iLT5lrxhblgpcQZn1nvAkcTMGCOKTVZ3ev/q:A1MsT5ndQBtAY3HRFO/q

Entry address:
0x143852

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
6.1955

Code size:
1.3 MB (1,317,376 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to float.1196.bm-impbus.prod.sin1.adnexus.net  (68.67.176.28:80)

TCP (HTTP):
Connects to float.1193.bm-impbus.prod.sin1.adnexus.net  (68.67.176.25:80)

TCP (HTTP):
Connects to float.1178.bm-impbus.prod.sin1.adnexus.net  (68.67.176.10:80)

TCP (HTTP):
Connects to a69-192-4-24.deploy.akamaitechnologies.com  (69.192.4.24:80)
