privet kak dela.exe

LLC ITC

The application privet kak dela.exe by LLC ITC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
LLC ITC  (signed and verified)

MD5:
95f7c1b95950d2458c21d2f042647cef

SHA-1:
055605fd70a204be9a702b543e01b66757c16134

SHA-256:
10f7505b726d9d2a9894745fb17abd1abe1cad529bafb6ac06f74d65bc578e3e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/28/2024 1:28:55 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.1.17.7

File size:
489.9 KB (501,608 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\Music\privet kak dela.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/26/2014 5:00:00 AM

Valid to:
6/27/2015 4:59:59 AM

Subject:
CN=LLC ITC, O=LLC ITC, STREET=Vvedenskogo 11/3, L=Moscow, S=Moscow oblast, PostalCode=117342, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F4DBD55156EE0DAFED4BAB130328504E

File PE Metadata
Compilation timestamp:
7/19/2014 9:22:12 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
24.27

Entry address:
0x9190

Entry point:
F8, 19, E6, F9, F7, D3, C1, D9, 13, 87, DD, 01, C8, C1, E8, 0A, C1, C8, 02, 48, 45, C1, D5, 19, 35, C1, FF, A0, 37, C1, FA, 07, 90, 13, 0D, 7E, EF, 42, 00, F9, F9, D1, D0, 1B, 44, 24, 04, 89, C8, F9, 29, D9, C1, D1, 12, F7, D2, 85, 4C, 24, 0C, 0F, BA, F2, 11, 87, F1, F9, F9, 31, FB, 01, C0, 23, 5C, 24, F0, C1, E3, 0B, 0F, BA, FF, 10, 0B, 7C, 24, 0C, 0F, BA, ED, 1D, F5, 87, EF, 2B, 05, C7, 56, 41, 00, 0F, BA, E5, 0D, 0B, 3D, 13, C9, 43, 00, 4B, C1, C0, 09, C1, DF, 06, 11, EA, C1, E0, 18, F8, C1, CA, 14, C1...
 

Code size:
411 KB (420,864 bytes)
