home

phan mem chen doan phim vao power point.exe

Get your downloads

New IT Limited

This is part of a bundled installer which provides applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application phan mem chen doan phim vao power point.exe by New IT Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Company #1  (signed by New IT Limited)

Product:
Get your downloads

Version:
3, 1, 6, 0

MD5:
71670c2adeb757d5d41c7fdf3d216021

SHA-1:
d68286835c3977fa36037ed70e2b516eaf699dac

SHA-256:
f5d2195b1e004ce6dc990f886793e32eb3e8f8c175dd6de1f4ec277d648fb39c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/16/2024 8:51:03 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.New IT Limited.NewIT (M)
16.1.18.7

File size:
365.7 KB (374,432 bytes)

Product version:
3, 1, 6, 0

Copyright:
Copyright (C) 2013

Trademarks:
TM(c)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\phan mem chen doan phim vao power point.exe

Digital Signature
Signed by:
New IT Limited

Authority:
GoDaddy.com, Inc.

Valid from:
11/4/2013 9:10:10 PM

Valid to:
11/16/2013 10:30:34 PM

Subject:
CN=New IT Limited, O=New IT Limited, L=Nicosia, S=Nicosia, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2775184265BF42

File PE Metadata
Compilation timestamp:
11/12/2013 9:45:06 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:n1/G5r85A5hMOt6BZYMb2qRMK5imz+aU3cgxQwr:n9G5r85GhF6BZYkMKHz+aCxQs

Entry address:
0x2630D

Entry point:
E8, EB, 9B, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3...
 
[+]

Entropy:
6.4991

Code size:
234.5 KB (240,128 bytes)

Remove phan mem chen doan phim vao power point.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.