» raghuvaran_b_tech_telugu__1cd_cam__rip_xvid_mp3_team_tmr.exe
Overview
Analysis
File Details
Downloads (1)

raghuvaran_b_tech_telugu__1cd_cam__rip_xvid_mp3_team_tmr.exe

The application raghuvaran_b_tech_telugu__1cd_cam__rip_xvid_mp3_team_tmr.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from ttvdownloads.maynemyltf.netdna-cdn.com.

File name:

MD5:

f75bbda83d6826c3a0410a9041fc4579

SHA-1:

bf51d98665ff6bc84d940837e309223312dc267a

SHA-256:

928bddabd8d7432829e2d37404ba7f7772ef9dd62f2008ed2798f7bf1c9c538f

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

5/21/2024 8:49:34 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

multiple threats

8.0.319.0

McAfee

Program.Artemis!E50423C905E2

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.223.810.0

Norman

Application.Bundler.LT

28.05.2016 15:32:18

File size:

89.8 KB (91,934 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\raghuvaran_b_tech_telugu__1cd_cam__rip_xvid_mp3_team_tmr.exe

File PE Metadata

Compilation timestamp:

12/6/2009 4:20:41 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1536:sLXB65939tY6HBg4sXJlVYYhYvLySrMSN6gSLnVMW15Tzh/CWJWhnfL9nTjCg:sLk395hYXJ3YYhuLySrMSNpqn33Mhnz3

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.2540

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file raghuvaran_b_tech_telugu__1cd_cam__rip_xvid_mp3_team_tmr.exe has been seen being distributed by the following URL.

http://ttvdownloads.maynemyltf.netdna-cdn.com/.../ttv_setup.exe

Remove raghuvaran_b_tech_telugu__1cd_cam__rip_xvid_mp3_team_tmr.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.