prepreinstaller.exe

The executable prepreinstaller.exe has been detected as malware by 12 anti-virus scanners.
MD5:
8035b8eb53a62375a194d2c446af78df

SHA-1:
a10487a705d9a10ca7a4fd0c95c0eeeb240cbf44

SHA-256:
77908e2c4de3e8d7cd4e6dc8fc254c7366bd1812263145ce93aec02e279a3aad

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/28/2024 8:06:28 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-150605 |
| Baidu Antivirus | Trojan.Win32.Downloader | 4.0.3.15428 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2298748 | 8.15.06.05.07 |
| F-Secure | Trojan.GenericKD.2298748 | 11.2015-05-06_6 |
| herdProtect (fuzzy) | | 2015.7.28.17 |
| Kaspersky | HEUR:Trojan-Downloader.Win32.Generic | 14.0.0.2122 |
| Malwarebytes | Trojan.Agent | v2015.06.05.07 |
| McAfee | Artemis!8035B8EB53A6 | 5600.6758 |
| Panda Antivirus | Trj/Genetic.gen | 15.04.28.02 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.6.5.15 |
| Trend Micro House Call | Suspicious_GEN.F47V0426 | 7.2.142 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39434 |

File size:
2.8 MB (2,965,504 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\s47hu8yr\prepreinstaller.exe

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.24

CTPH (ssdeep):
24576:eMi482lGvmAjubDQJy5G2Ws0xV1lRNBVlRlr9/3+OTfyP4:ebuGvfyAJ/2Ws0xV1VBVlRlBjTu4

Entry address:
0x12C0

Entry point:
83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, EC, D3, 6B, 00, E8, AB, FE, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, 28, D4, 6B, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, 18, D4, 6B, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 80, 61, 00, E8, D6, 0A, 19, 00, BA, 60, E5, 59, 00, 83, EC, 04, 85, C0, 74, 15, C7, 44, 24, 04, 13, 80, 61, 00, 89, 04, 24, E8, C2, 0A, 19, 00, 83, EC, 08, 89, C2, 85, D2, 74, 11, C7, 44, 24, 04, 08, C0, 6B, 00, C7...
 

Entropy:
6.0522

Code size:
2.1 MB (2,159,104 bytes)
