» profile view - 5v2.exe
Overview
Analysis
File Details

profile view - 5v2.exe

Profile View installer

rinim

The executable profile view - 5v2.exe, “Deploy Profile View browsers extension” has been detected as malware by 28 anti-virus scanners.

File name:

Publisher:

rinim (signed and verified)

Product:

Profile View installer

Description:

Deploy Profile View browsers extension

Version:

1.7.4

MD5:

c5b2247a37a8d26063af55c6c975782d

SHA-1:

f6c39bb6a92fc0a341bee9b99d2ca114c3850e6b

SHA-256:

7b5f495dbc987f16c1f331141dd9dd62a8066503226d5bf457cbd5875515a600

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

4/19/2024 11:08:07 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Trojan.Heur.DP.tK1@aGqXprbi

1015

Avira AntiVirus

JS/Redirect.BR

7.11.122.50

avast!

Other:Febipos-A [Trj]

2014.9-140426

AVG

Clicker

2015.0.3493

Baidu Antivirus

Trojan.JS.Clicker

4.0.3.14426

Bitdefender

Gen:Trojan.Heur.DP.tK1@aGqXprbi

1.0.20.580

Bkav FE

W32.Clod49c.Trojan

1.3.0.4613

Comodo Security

TrojWare.JS.TrojanClicker.Agent.~AQ

17501

Dr.Web

Trojan.AVKill.30538

9.0.1.0116

Emsisoft Anti-Malware

Gen:Trojan.Heur.DP.tK1@aGqXprbi

8.14.04.26.11

ESET NOD32

JS/TrojanClicker.Agent.NDL

8.9190

Fortinet FortiGate

JS/JSRedir.DO!tr

4/26/2014

F-Secure

Trojan.Script.487598

11.2014-26-04_7

G Data

Gen:Trojan.Heur.DP.tK1@aGqXprbi

14.4.22

IKARUS anti.virus

Trojan.Win32.Spy

t3scan.2.2.29

K7 AntiVirus

Trojan

13.174.10623

Kaspersky

Trojan-Clicker.JS.Agent

14.0.0.3958

Malwarebytes

Spyware.Password

v2014.04.26.11

McAfee

RDN/Generic.dx!chs

5600.7149

MicroWorld eScan

Gen:Trojan.Heur.DP.tK1@aGqXprbi

15.0.0.348

NANO AntiVirus

Trojan.Win32.AVKill.bsvagr

0.28.0.57029

Norman

Troj_Generic.LUTRH

11.20140426

Panda Antivirus

Trj/dtcontx.I

14.04.26.11

Rising Antivirus

PE:Trojan.Win32.Generic.14FE8F8E!352227214

23.00.65.14424

Sophos

Mal/Generic-S

4.96

Trend Micro House Call

TROJ_SPNR.03FR13

7.2.116

Trend Micro

TROJ_SPNR.03FR13

10.465.26

VIPRE Antivirus

Trojan.Win32.Clicker

24766

File size:

313.7 KB (321,216 bytes)

Product version:

1.7.4

Facebook

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\profile view - 5v2.exe

Digital Signature

Signed by:

rinim

Authority:

rinim

Valid from:

12/31/2012 10:00:00 PM

Valid to:

12/31/2018 10:00:00 PM

Subject:

CN=rinim

Issuer:

CN=rinim

Serial number:

3D9394A4D3EC5E8A45B5171E76F8199A

File PE Metadata

Compilation timestamp:

3/29/2013 6:03:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:vvrvJbJYWoGBTEjjuSSt38jpppppppppppppppppppppppppppppppppppppppp1:vLwWoGVEj+Gpppppppppppppppppppp9

Entry address:

0x1F3A0

Entry point:

55, 8B, EC, 81, C4, D0, FE, FF, FF, 53, 56, 57, 33, C0, 89, 45, D0, 89, 45, EC, 89, 45, D8, 89, 45, D4, B8, 54, EC, 41, 00, E8, 30, 77, FE, FF, 33, C0, 55, 68, 2D, F5, 41, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, B9, F4, 41, 00, 64, FF, 30, 64, 89, 20, B8, 44, F5, 41, 00, E8, 72, D0, FF, FF, B8, 74, F5, 41, 00, E8, 68, D0, FF, FF, B8, A4, F5, 41, 00, E8, 5E, D0, FF, FF, 8D, 45, EC, 50, 8D, 45, D8, E8, 16, B0, FF, FF, 8B, 45, D8, 89, 45, DC, C6, 45, E0, 0B, 8D, 55, D4, B8, 04, 00, 00, 00, E8, 1F, B6, FF... 
[+]

Entropy:

6.8065

Developed / compiled with:

Microsoft Visual C++

Code size:

121.5 KB (124,416 bytes)

Remove profile view - 5v2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.