pm_viewer.exe

Platte International Limited

The executable pm_viewer.exe has been detected as malware by 12 anti-virus scanners.
Publisher:
Platte International Limited (signed and verified)

MD5:
126785ba4e7a0713a69211386c4c94bf

SHA-1:
27bb503b91d410bbcecd562633914e508cf71782

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
10/31/2024 11:38:50 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Agent.cada.6206 | 7.11.183.0 |
| avast! | Win32:Trojan-gen | 2014.9-160428 |
| AVG | PlatteMedia.6af | 2017.0.2759 |
| Comodo Security | UnclassifiedMalware | 19990 |
| ESET NOD32 | Win32/PlatteMedia (variant) | 10.10666 |
| G Data | Win32.Trojan.Agent.2C244R | 16.4.24 |
| IKARUS anti.virus | Win32.Trojan | t3scan.1.8.3.0 |
| McAfee | Artemis!126785BA4E7A | 5600.6415 |
| Norman | FakeAV.HUM | 11.20160428 |
| Qihoo 360 Security | Win32/Trojan.f05 | 1.0.0.1015 |
| Sophos | Generic PUA CH | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 34498 |

File size:
685.5 KB (701,960 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/18/2009 1:00:00 AM

Valid to:
2/19/2010 12:59:59 AM

Subject:
CN=Platte International Limited, OU=Technical Development, O=Platte International Limited, L=Leeds, S=West Yorkshire, C=UK

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
724DB586248083F9261CE3920AAFFA6D

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:IC/dAEQ/mluBIK49IksPGVl2cJmNtVSyr+vJxB6:lAdIKc0YzJmlSyyvnB6

Entry address:
0x8B36C

Entry point:
55, 8B, EC, 83, C4, F4, B8, D4, B0, 48, 00, E8, 6C, BB, F7, FF, 33, C0, 55, 68, 4C, B4, 48, 00, 64, FF, 30, 64, 89, 20, B8, A0, 0A, 49, 00, BA, 60, B4, 48, 00, E8, F7, 87, F7, FF, A1, A0, 0A, 49, 00, E8, DD, 8B, F7, FF, 50, 6A, 00, 6A, 00, E8, 07, BC, F7, FF, A3, A4, 0A, 49, 00, 33, C0, 55, 68, 07, B4, 48, 00, 64, FF, 30, 64, 89, 20, E8, B7, BC, F7, FF, 3D, B7, 00, 00, 00, 74, 1D, 6A, 64, A1, A4, 0A, 49, 00, 50, E8, 13, BE, F7, FF, 3D, 02, 01, 00, 00, 74, 09, 83, 3D, A4, 0A, 49, 00, 00, 75, 05, E8, 16, 86...

Entropy:
6.7676

Developed / compiled with:
Microsoft Visual C++

Code size:
553.5 KB (566,784 bytes)
