home

nero.7.10.1.0.lite.exe

Personal Email

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from s6420.chomikuj.pl and multiple other hosts.
Publisher:
UpdatePack.nl   (signed by Personal Email)

Description:
Nero 7 Lite

Version:
1.9.3.0

MD5:
ce99b4e2980487e6f76e43f53e393fa8

SHA-1:
d0cfee3f3b1f2fa1ae4186780c262503cd494d5e

SHA-256:
236b94665259c4cf7cb322778f6209269beeec4f022535223464e1b4cf540b9a

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 6:38:50 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
Trojan.DL.Win32.Agent.ejw
23.00.65.15717

File size:
45.5 MB (47,666,592 bytes)

Copyright:
Klaas Nekeman

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Common path:
C:\Program Files\nero 7.10.1.0 lite\nero.7.10.1.0.lite.exe

Digital Signature
Signed by:
Personal Email

Authority:
Unizeto Sp. z o.o.

Valid from:
8/26/2007 1:24:58 AM

Valid to:
11/24/2007 12:24:58 AM

Subject:
E=klaasnekeman@chello.nl, CN=Klaas Nekeman, O=Personal Email, C=NL

Issuer:
CN=Certum Level I, O=Unizeto Sp. z o.o., C=PL

Serial number:
039972

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:wrrF9qW+g7bOMqs+p9ZN5DsgbhR18H1rego6G6mRuN18gFxM1XPzOQxdia:wrrF3+xM1evPhm1KUYxgFxiPzOyEa

Entry address:
0x98CC

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, FA, 97, FF, FF, E8, 01, AA, FF, FF, E8, 2C, CC, FF, FF, E8, 73, CC, FF, FF, E8, 0A, F3, FF, FF, E8, 71, F4, FF, FF, 33, C0, 55, 68, 76, 9F, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 2C, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 26, FA, FF, FF, 8D, 55, F0, 33, C0, E8, E0, D0, FF, FF, 8B, 55, F0, B8, D8, BD, 40, 00, E8, AB, 98, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D8, BD, 40, 00, B2, 01, B8...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)

The file nero.7.10.1.0.lite.exe has been seen being distributed by the following 6 URLs.

http://s6420.chomikuj.pl/File.aspx?e=Zp2fmgGyUJwGuNV7RkGes9-PkEaZDiy4sTo4qsoTUJblWGR6DunWXWApF4F8FgKIrqWMU81A9WqOxiwO0DB72QzdhG25ayxd537OigsYE88jrO-SO-PlTRI75VoQZed4-ca9QwaWdJd6KKyncYYAOchNbFrhrZDwwzK3YbwRugs&pv=2

http://s6420.chomikuj.pl/File.aspx?e=Zp2fmgGyUJwGuNV7RkGes03OtxM9KTkAMY5vDyqSGM9xGXXPbV2Zj87dnEHj1t3l3TVNKNl3lOaQbAM0VEuZYd39USOurhCuok4iB8fqt7REfjGY2BEwTgLYty0IvOmUKXlt7kjGPDkbGpTpFzUl3F_wjlBEbmtqFCs4nb8nPm0&pv=2

http://s6420.chomikuj.pl/File.aspx?e=Zp2fmgGyUJwGuNV7RkGes8Rft0mV4j8WMSBl6upY8yVV8-vWfGwl6KGc2vERh5mWxh57KPCtFaRoVqbMEuekgiypC8Bw3YG_eRD41WWFswx0fgZyHrvZBdtS-vaHNfigx4Szrgczbkw9Ly9IvAkfUHT5YmCsG9v6bbD8CZORLm4&pv=2

http://s10013.chomikuj.pl/File.aspx?e=Zp2fmgGyUJwGuNV7RkGesx6wv_tYcMx8MuNoVxK8hJkxSfCpFamg416j6uqqajD8CMD3AgQHUz-JEUznKOMkrfPHkDDbnsSIAg8jYPYbGO6M3GytQ3gPLO99rCVoA1ZGyr6pc02pS6eKjIRHxizkkje3Mmc_HaCfFhaNSn9irw4&pv=2

http://s10013.chomikuj.pl/File.aspx?e=Zp2fmgGyUJwGuNV7RkGes9cctDfrqjC5EqUecrgsRAvP2B0GcrppW72SBlnH-d6N8cU1-wXvvm2Tpbjw20s_BTheLScNOeACM_0W63JbMtuj_X_MJXngT4OVeV9v9od31cjmiqxQ0ScGwKhwLqcBE_eDGAGRY9tazmYWavmSamQ&pv=2

http://s10013.chomikuj.pl/File.aspx?e=Zp2fmgGyUJwGuNV7RkGes575fV0ktCor7MzkXR61BCA9o9cyvA-P9vaK7Z4uP69VCJjVxnk754hrWyd6AE-c9jB8KI2oQIQpV-KykcOMEg1N0jZrPltJ84HvEz0Z3Cf0nBU5-L_kewPQ7s6XNn-vMiKsuJtOiG_VidrPaas7fDg&pv=2

Scan nero.7.10.1.0.lite.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.