msi37dc.tmp

RITLABS S.R.L.

Publisher:
RITLABS S.R.L.  (signed and verified)

MD5:
b750fd42ef41ccece205384d2a9c9c3f

SHA-1:
9b0dc8d89f4b3fd065fba2307dccd5f655115c46

SHA-256:
d4980eb58b3e6428631dd9e9844a6300ae1d0807eb79c6974f49274eabf236e4

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
8/6/2025 10:17:01 PM UTC

Scan engine | Detection | Engine version
Comodo Security | Heur.Packed.Unknown | 24350
Zillya! Antivirus | Trojan.Katusha.Win32.44270 | 2.0.0.2690

File size:
178.1 KB (182,376 bytes)

Common path:
C:\users\{user}\appdata\local\temp\msi37dc.tmp

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
6/26/2015 2:00:00 AM

Valid to:
6/26/2016 1:59:59 AM

Subject:
CN=RITLABS S.R.L., O=RITLABS S.R.L., L=Chisinau, S=Republic of Moldova, C=MD

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
11756D584184E9FAADE0D8E77D289B67

File PE Metadata
Compilation timestamp:
2/19/2016 8:19:53 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:3k2Pyr5iBkFMHWkJX1ObD5pOrrP6erP2:3kMy02kJyP

Entry address:
0x23514

Entry point:
55, 8B, EC, 83, C4, C0, B8, 4C, F7, 41, 00, E8, 40, 5B, FE, FF, E8, FF, 27, FE, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
136 KB (139,264 bytes)
