» samsung-la40c530f1r.exe
Overview
Analysis
File Details
Downloads (1)

samsung-la40c530f1r.exe

Support and Drivers

TLAPIA

The application samsung-la40c530f1r.exe, “This installer database contains the logic and data required to install Support and Drivers.” by TLAPIA has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from www.drivers-et-pilotes.net.

File name:

Publisher:

TLAPIA (signed and verified)

Product:

Support and Drivers

Description:

This installer database contains the logic and data required to install Support and Drivers.

Version:

1.4.1

MD5:

b1f810b6cb88074f741ac2a78e65c737

SHA-1:

e5b6c9da068baea672b00f04b0ff4da3816f8c2b

SHA-256:

58083193c696418a6af5f3f02b929fa1567308e9e2a954a328587a0b5b7019b3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/27/2024 1:02:13 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.TLAPIA.Installer (M)

16.3.7.12

File size:

4.6 MB (4,816,248 bytes)

Product version:

1.4.1

Original file name:

DuD.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\samsung-la40c530f1r.exe

Digital Signature

Signed by:

TLAPIA

Authority:

VeriSign, Inc.

Valid from:

1/22/2013 12:00:00 AM

Valid to:

1/22/2014 11:59:59 PM

Subject:

CN=TLAPIA, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TLAPIA, L=Montevideo, S=montevideo, C=UY

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

59F70BE7091286E5251B02778D136FF2

File PE Metadata

Compilation timestamp:

3/21/2013 7:58:24 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

98304:YPGnIyePz6VjGPj+D0z+EeaCRaS8EMJjkUzDMi2jo/PZY5AaDSwE1OMJjkUzDMCe:tyPz6ywExbeEMQ/PxVXeEMT5

Entry address:

0xB07F9

Entry point:

E8, AB, C9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 01, 48, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, CB, EB, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, DD, 47, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A7, EB, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, AE, 47, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77... 
[+]

Code size:

912.5 KB (934,400 bytes)

The file samsung-la40c530f1r.exe has been seen being distributed by the following URL.

http://www.drivers-et-pilotes.net/SAMSUNG-la40c530f1r.exe

Remove samsung-la40c530f1r.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.