home

passions-philosophy_and_the_intelligence_of_emotions_-_robert_c._solomon.zip.exe

The application passions-philosophy_and_the_intelligence_of_emotions_-_robert_c._solomon.zip.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from protectdatabase.com.
MD5:
1acf47f2bdc565d09f46c88659ee398d

SHA-1:
098c6dd6c814762f3941192325fe8476f578b44e

SHA-256:
b42b6a47248405c5b892b6fc7c4e4ef39e58f83dfaff3b061b5afe10b04d9711

Scanner detections:
16 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/25/2024 5:39:41 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/Downloader.Gen6
7.11.142.138

AVG
InstallCore
2015.0.3508

Clam AntiVirus
W32.Adware.InstallCore-1
0.98/18355

Comodo Security
Application.Win32.ClickRun.A
18082

Dr.Web
Adware.InstallCore.43
9.0.1.0100

ESET NOD32
Win32/InstallCore
8.9662

F-Prot
W32/InstallCore.V2.gen
v6.4.7.1.166

K7 AntiVirus
Unwanted-Program
13.183.13584

NANO AntiVirus
Trojan.Win32.InstallCore.crejfv
0.28.0.59048

Panda Antivirus
PUP/MultiToolbar.A
14.04.10.04

Reason Heuristics
Threat.Win.Reputation.IMP
14.10.11.15

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.14408

Sophos
Install Core Click run software
4.98

Total Defense
Win32/InstallCore!Adware
37.0.10870

Vba32 AntiVirus
Adware.InstallCore.gen
3.12.26.0

VIPRE Antivirus
Click run software
28194

File size:
1 MB (1,055,504 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\passions-philosophy_and_the_intelligence_of_emotions_-_robert_c._solomon.zip.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:aNmLc8UKe0Hxzgf5qg4a4VgbEHgXvKHTXoMibFIwOu:aDKeixUfj4HgYHgfkTYMMFIwO

Entry address:
0xC17DB

Entry point:
55, 8B, EC, 83, C4, F0, B8, 12, C3, 47, 00, E8, B3, DD, FF, FF, 77, 86, 68, 40, 20, EE, F3, EF, E0, FA, DC, AE, 74, 6D, 87, EA, 24, 12, 52, 60, AD, CF, 88, F5, 94, F6, 2C, F0, 0C, 85, EE, F5, EC, A2, DD, 92, 5D, 8A, 8B, 53, 11, A1, CD, 8E, 64, 79, 50, 7F, 9B, EC, 8D, 4C, 15, AA, F4, 09, 41, CE, 5B, ED, 9A, 61, DF, 3B, 02, DC, FA, 7F, 33, 10, 63, 54, 2E, 00, DC, AC, D8, A1, 4D, 4B, 30, 88, 8C, 10, BB, DF, C6, 1D, 36, 58, 7E, 0D, 8A, DA, 79, B5, 9E, 1C, 1F, 3C, 8B, 72, 17, 62, 3B, 8C, 3C, 67, 88, DA, 1F, D3...
 
[+]

Entropy:
6.9711

Developed / compiled with:
Microsoft Visual C++

Code size:
787 KB (805,888 bytes)

The file passions-philosophy_and_the_intelligence_of_emotions_-_robert_c._solomon.zip.exe has been seen being distributed by the following URL.

http://protectdatabase.com/files/278e363a0de7b9f6c16087fe2f5d2b5e/download.php?get&file_id=gs1eeae4h5fi0&advert=137&sub=1030&site=93&filename=Passions-Philosophy and the Intelligence of Emotions - Robert C. Solomon.zip&name=Passions-Philosophy_and_the_Intelligence_of_Emotions_-_Robert_C._Solomon.zip&data=vk5IHRET BLY1KlJNeWfBkUNeYkvKttUBnGQ/.../Sg==&ip=109.65.148.90&country=IL

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.