profile view - 5v2.exe

Profile View installer

rinim

The executable profile view - 5v2.exe, “Deploy Profile View browsers extension”, has been detected as malware by 31 anti-virus scanners.
Publisher:
rinim  (signed and verified)

Product:
Profile View installer

Description:
Deploy Profile View browsers extension

Version:
1.7.4

MD5:
c5b2247a37a8d26063af55c6c975782d

SHA-1:
f6c39bb6a92fc0a341bee9b99d2ca114c3850e6b

SHA-256:
7b5f495dbc987f16c1f331141dd9dd62a8066503226d5bf457cbd5875515a600

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
12/11/2017 6:15:36 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Trojan.Heur.DP.tK1@aGqXprbi | 1015
Avira AntiVirus | JS/Redirect.BR | 7.11.122.50
avast! | Other:Febipos-A [Trj] | 2014.9-140426
AVG | Clicker | 2015.0.3493
Baidu Antivirus | Trojan.JS.Clicker | 4.0.3.14426
Bitdefender | Gen:Trojan.Heur.DP.tK1@aGqXprbi | 1.0.20.580
Bkav FE | W32.Clod49c.Trojan | 1.3.0.4613
Commtouch SDK | W32/Trojan.EIRO-2257 | 5.4.1.7
Comodo Security | TrojWare.JS.TrojanClicker.Agent.~AQ | 17501
Dr.Web | Trojan.AVKill.30538 | 9.0.1.0116
Emsisoft Anti-Malware | Gen:Trojan.Heur.DP.tK1@aGqXprbi | 8.14.04.26.11
ESET NOD32 | JS/TrojanClicker.Agent.NDL | 8.9190
Fortinet FortiGate | JS/JSRedir.DO!tr | 4/26/2014
F-Secure | Trojan.Script.487598 | 11.2014-26-04_7
G Data | Gen:Trojan.Heur.DP.tK1@aGqXprbi | 14.4.22
IKARUS anti.virus | Trojan.Win32.Spy | t3scan.2.2.29
K7 AntiVirus | Trojan | 13.174.10623
K7 Gateway Antivirus | Trojan | 13.174.10623
Kaspersky | Trojan-Clicker.JS.Agent | 14.0.0.3958
Malwarebytes | Spyware.Password | v2014.04.26.11
McAfee | RDN/Generic.dx!chs | 5600.7149
McAfee Web Gateway | RDN/Generic.dx!chs | 7.7149
MicroWorld eScan | Gen:Trojan.Heur.DP.tK1@aGqXprbi | 15.0.0.348
NANO AntiVirus | Trojan.Win32.AVKill.bsvagr | 0.28.0.57029
Norman | Troj_Generic.LUTRH | 11.20140426
Panda Antivirus | Trj/dtcontx.I | 14.04.26.11
Rising Antivirus | PE:Trojan.Win32.Generic.14FE8F8E!352227214 | 23.00.65.14424
Sophos | Mal/Generic-S | 4.96
Trend Micro House Call | TROJ_SPNR.03FR13 | 7.2.116
Trend Micro | TROJ_SPNR.03FR13 | 10.465.26
VIPRE Antivirus | Trojan.Win32.Clicker | 24766

File size:
313.7 KB (321,216 bytes)

Product version:
1.7.4

Copyright:
Facebook

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\profile view - 5v2.exe

Digital Signature
Signed by:

Authority:
rinim

Valid from:
12/31/2012 10:00:00 PM

Valid to:
12/31/2018 10:00:00 PM

Subject:
CN=rinim

Issuer:
CN=rinim

Serial number:
3D9394A4D3EC5E8A45B5171E76F8199A

File PE Metadata
Compilation timestamp:
3/29/2013 6:03:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:vvrvJbJYWoGBTEjjuSSt38jpppppppppppppppppppppppppppppppppppppppp1:vLwWoGVEj+Gpppppppppppppppppppp9

Entry address:
0x1F3A0

Entry point:
55, 8B, EC, 81, C4, D0, FE, FF, FF, 53, 56, 57, 33, C0, 89, 45, D0, 89, 45, EC, 89, 45, D8, 89, 45, D4, B8, 54, EC, 41, 00, E8, 30, 77, FE, FF, 33, C0, 55, 68, 2D, F5, 41, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, B9, F4, 41, 00, 64, FF, 30, 64, 89, 20, B8, 44, F5, 41, 00, E8, 72, D0, FF, FF, B8, 74, F5, 41, 00, E8, 68, D0, FF, FF, B8, A4, F5, 41, 00, E8, 5E, D0, FF, FF, 8D, 45, EC, 50, 8D, 45, D8, E8, 16, B0, FF, FF, 8B, 45, D8, 89, 45, DC, C6, 45, E0, 0B, 8D, 55, D4, B8, 04, 00, 00, 00, E8, 1F, B6, FF...
 
Entropy:
6.8065

Developed / compiled with:
Microsoft Visual C++

Code size:
121.5 KB (124,416 bytes)
