home

parker.2013.deutsch.dvdrip.xvid.ac3.+.etrg_10924_i50969076_il345.exe

Runner Utility

LLC Arctic West

The executable parker.2013.deutsch.dvdrip.xvid.ac3.+.etrg_10924_i50969076_il345.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Dummy, Ltd.  (signed by LLC Arctic West)

Product:
Runner Utility

Version:
1.0.0.188

MD5:
9a9b2e68551e4e45be6e042398f9afae

SHA-1:
81eb904758b6acea90d22305646955904ee30b74

SHA-256:
d5e5924cb970256395a72e9e2df93b92297b4f31882916d0288198af0046f1f1

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/14/2024 11:29:47 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.11.6.3

File size:
1.2 MB (1,303,040 bytes)

Product version:
1.0.0.188

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\parker.2013.deutsch.dvdrip.xvid.ac3.+.etrg_10924_i50969076_il345.exe

Digital Signature
Signed by:
LLC Arctic West

Authority:
COMODO CA Limited

Valid from:
8/25/2015 2:00:00 AM

Valid to:
8/25/2016 1:59:59 AM

Subject:
CN=LLC Arctic West, O=LLC Arctic West, STREET=Lviv highway 1, L=Mikolaiv, S=Lvovskaja, PostalCode=81600, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
416057CF015B4832DC973BA203AAB312

File PE Metadata
Compilation timestamp:
8/28/2015 12:23:10 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:2ttr9Vs4AzZlKbhxldVlkqVZYP/RvxFVIHHztyAyBCBgRm7dEjNeK8EQg8OVw:ytZbZdTTEPpvxFqnJy7x6edfQO6

Entry address:
0x19AD20

Entry point:
68, A1, 48, 8A, BB, E8, A9, 19, FF, FF, AF, B7, BB, 9E, 55, 00, 55, 47, 4F, B6, 09, 33, 50, E4, 8D, 25, DD, BE, 18, AF, 05, 25, 42, A6, 87, 6C, 17, 49, 5D, F0, BC, 9C, 83, BD, B2, CA, 74, 40, A5, 98, 10, A3, B9, 40, F0, 6C, A7, BC, DB, E4, 75, 8D, B7, A5, 67, DF, A9, B0, E2, 2D, E1, 8B, B0, A4, BB, D5, 93, B1, 5F, CF, A3, B9, B7, 97, 0C, C4, 73, EE, 3A, 85, A2, 50, E4, 23, 1C, E4, 8B, 2D, D0, 54, 20, A4, EA, 4A, 4B, 50, 71, 94, CD, 01, 58, 4C, A4, A9, 29, 51, 7E, B3, EF, 4F, 8F, 15, CF, 06, AB, 7C, DB, 7C...
 
[+]

Code size:
1.2 MB (1,291,776 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.