police-lineup.exe

The application police-lineup.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. It uses the InstallCore engine, which may bundle additional software offers, including toolbars and browser extensions. The file has been observed being downloaded from installerlaunch-mtfg1.com.

MD5:
bc39f02a70de5e2bc16d264180eed652

SHA-1:
4e341253d736b5bca5ae448828349e00e80bc76b

SHA-256:
5f6e77d3570a46858fdf22daf8db5b91b5ef3565c00904855e07d2ee62990f08

Scanner detections:
14 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/20/2024 3:42:09 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | PUA.InstallCore | 7.1.1 |
| Avira AntiVirus | PUA/InstallCore.Gen | 8.3.1.6 |
| Clam AntiVirus | Win.Trojan.Installcore-66 | 0.98/20559 |
| Dr.Web | Adware.InstallCore.40 | 9.0.1.05190 |
| ESET NOD32 | Win32/InstallCore.AL potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/InstallCore.V2.gen | 4.6.5.141 |
| K7 AntiVirus | Unwanted-Program | 13.204.16204 |
| Malwarebytes | PUP.Optional.FearlessArcade.A | v2015.06.10.11 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.6.10.19 |
| Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.15608 |
| Sophos | PUA 'Install Core Installer' | 5.15 |
| Trend Micro House Call | HV_INSTALLCORE_BK0801CA.TOMC | 7.2.161 |
| Vba32 AntiVirus | Signed-Adware.InstallCore | 3.12.26.4 |
| VIPRE Antivirus | Threat.4150696 | 40824 |

File size:
1 MB (1,053,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\police-lineup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:5tLo3vExF7IppLXSa1McX4XSAuSZ5hzznOuK:JF6bSvcXVFSBX/

Entry address:
0xC1FA0

Entry point:
55, 8B, EC, 83, C4, F0, B8, 5C, 3A, 40, 00, E8, 19, F3, FF, FF, 8B, D1, E8, B9, 01, 00, 00, 5B, C3, 83, FA, 04, 7C, 0C, 8B, CA, 81, C9, 02, 00, 00, 80, 89, 08, 89, 0B, 5B, C3, FF, 05, B0, A5, 47, 00, 8B, D0, 83, EA, 04, 8B, 12, 81, E2, FC, FF, FF, 7F, 83, EA, 04, 01, 15, B4, A5, 47, 00, E8, F3, 05, 00, 00, C3, 8B, C0, 83, FA, 0C, 7C, 0E, 83, CA, 02, 89, 10, 83, C0, 04, E8, CA, FF, FF, FF, C3, 83, FA, 04, 7C, 0A, 8B, CA, 81, C9, 02, 00, 00, 80, 89, 08, 03, C2, 83, 20, FE, C3, 53, 56, 8B, D0, 83, EA, 04, 8B...
 

Entropy:
6.9159

Developed / compiled with:
Microsoft Visual C++

Code size:
786.5 KB (805,376 bytes)

The file police-lineup.exe has been seen being distributed by the following URL.
