±ø¾ç¼­»ý_10924_i84213880_il345.exe

Sony PC Companion

KASHTAN OOO

The executable ±ø¾ç¼­»ý_10924_i84213880_il345.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Sony Mobile Communications   (signed by KASHTAN OOO)

Product:
Sony PC Companion

Version:
2.10.275

MD5:
9f341989a090646a65d98e39c35f163d

SHA-1:
0d746163dac12a64fa6e2f78e18a754446507463

SHA-256:
cd27a0f3b464dce602015cd61c677ff7704b87e40864794a14893b85fe82dca2

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/15/2024 10:00:52 AM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP (M) | 17.3.2.20

File size:
4.6 MB (4,875,480 bytes)

Product version:
2.10.275

Copyright:
Sony

Original file name:
stub32i.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\±ø¾ç¼­»ý_10924_i84213880_il345.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/5/2015 9:00:00 AM

Valid to:
5/22/2016 8:59:59 AM

Subject:
CN=KASHTAN OOO, O=KASHTAN OOO, L=Naberezhnye Chelny, S=Tatarstan republic, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
468BE39F7FCABE2D4D2D070862DD916B

File PE Metadata
Compilation timestamp:
11/13/2015 10:22:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x3A1EE2

Entry point:
68, 1A, B8, E7, 69, E8, 71, 94, FE, FF, 50, F0, 1F, FD, FD, 8B, E7, 92, 6C, 3C, B4, 07, C2, B3, 30, 7E, 4C, 45, 47, C9, CD, 2F, 4D, 20, 62, 81, 9C, BF, 0F, 99, 12, 17, 17, A5, 36, 35, CA, 8A, 17, 30, F6, 1F, FC, 6D, 7D, 7B, A9, E5, 41, 38, 4E, 40, FD, 24, 7B, D4, 5C, 50, CB, 04, B9, E1, DE, 29, 15, 28, 9E, 66, 77, 84, 94, A4, 2D, 93, D1, A1, 3E, B1, 03, 48, E9, 34, 46, 06, 93, 33, EC, 94, 1E, 66, A4, 64, E5, E8, 9E, 41, 48, 8F, C4, B8, 7B, 22, 87, 70, C8, EB, DC, 17, D4, 4C, 8B, E5, 0F, B7, E8, 0F, BF, EC...
 

Entropy:
7.3733

Code size:
3.3 MB (3,479,040 bytes)
