shirisimslave.exe

Shiri !!!

The executable shirisimslave.exe has been detected as malware by 12 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.
Product:
Shiri !!!

Version:
1.0.0.2042

MD5:
424a8805e563284e8183b9d2425a8a7c

SHA-1:
ccf34b01acac0349709a59537e309439dda52eb9

SHA-256:
d77da0c418c7f396a8ccf34ca69b1d7a47dc8ad8d2b5e504c53978f960cc3636

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/26/2024 5:09:28 AM UTC

Scan engine               Detection                        Engine version
Avira AntiVirus           TR/Dldr.Shoter.ki                7.11.147.64
AVG                       Downloader                       2015.0.3335
Baidu Antivirus           HackTool.Win32.PornDownloader    4.0.3.14930
Bkav FE                   HW32.CDB                         1.3.0.4959
IKARUS anti.virus         Trojan-Downloader.Shoter         t3scan.1.6.1.0
McAfee                    Artemis!424A8805E563             5600.6991
Norman                    Suspicious_Gen5.AFKY             11.20140930
Quick Heal                (Suspicious) - DNAScan           9.14.14.00
Trend Micro House Call    PAK_Generic.008                  7.2.273
Trend Micro               PAK_Generic.008                  10.465.30
Vba32 AntiVirus           PornDownloader.Shoter            3.12.26.0
VIPRE Antivirus           Trojan.Win32.Generic             28848

File size:
536.5 KB (549,376 bytes)

Product version:
1.0.0.0

Copyright:
2006 All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\erotic hypnosis\nikki fatale\satin angels\wet_whispers\shirisimslave.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:AMsouIg0S7tcu8vJ3JrmChSoe39Cj8p5VfFzkfFz1tyv3:AuXS7j8hJKxHv5Vlkl1t2

Entry address:
0xD02EC

Entry point:
60, E8, 4F, 00, 00, 00, 3D, E0, C9, F4, E9, CF, DE, 6D, B1, CC, AF, 91, 99, 33, 76, 78, C1, 91, 48, AC, BD, FD, 44, 5A, 4D, 36, DC, 8A, EE, C7, 94, 8D, 0F, 8E, 46, E0, 39, D6, 96, BF, EF, DC, D9, 2A, C2, AA, 40, 34, 0F, 8E, 46, E0, 39, D6, 96, BF, 0F, 8E, 46, E0, 39, D6, 96, BF, E9, B8, 5B, 00, 00, E9, CC, 5B, 00, 00, E9, C7, 5B, 00, 00, E8, 4A, FF, FF, FF, BA, D2, 00, 00, 84, 7E, 00, 00, 71, E1, 1C, F1, 03, A8, A9, EE, D3, 2A, 88, 66, 4D, 3B, 9D, B0, 24, AC, B4, 39, ED, 23, 75, 3C, 6D, C0, 4A, 3E, 0A, 84...
 

Entropy:
7.8611

Packer / compiler:
ASPack v1.08.04
