home

siinst-full.exe

Software Informer

Informer Technologies, Inc.

The application siinst-full.exe, “Software Informer Setup ” has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from software-informer.software.informer.com.
Publisher:
Informer Technologies, Inc.

Product:
Software Informer

Description:
Software Informer Setup

MD5:
78dcc649f25b0fcf6ac29bb1a1f8bc29

SHA-1:
3337127bd62957f8503ea6e2aec1c0f20665061a

SHA-256:
08458e98d8fbfb8d0d8780c884a3e69c000779f3939804e01e64c6edbd90cc54

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 4:42:35 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Informer.Installer.Installer.Meta (M)
16.7.31.0

File size:
3.6 MB (3,813,256 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\siinst-full.exe

File PE Metadata
Compilation timestamp:
10/13/2013 10:19:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:XHkNk5cCDS07BSXcPcR8dDphlitkuxPxQM2aZsAkdLfxrbGZz:XkO3/7Bu8flqkMQMXgrxr0z

Entry address:
0x113BC

Entry point:
88, D2, 86, D6, 4D, 0F, AF, DD, 0F, AF, C9, 0F, AF, C6, 69, C1, 1F, 03, D3, 9F, 81, ED, 87, FC, 68, 62, 81, F6, 8E, D0, 00, 09, 87, EA, 2B, D8, 69, EF, EA, 56, 87, 13, 68, 07, E3, 5A, 00, 8B, EF, 86, FB, 1A, EF, E8, 00, 00, 00, 00, 86, FB, 86, FE, 8D, 35, EE, 09, E8, E4, 89, DB, 69, C0, 48, 47, F8, C8, 80, E2, 0B, 50, 84, C5, F2, 5F, 0F, B7, D3, 8B, C5, 8D, 05, 6C, D0, 5B, 66, 5D, F2, 85, D5, 3B, D3, F6, C1, 67, 8D, 35, EF, 35, 17, DF, EB, 04, 10, D2, 89, F0, 8B, C1, 87, FA, 85, EF, C6, C5, F6, 85, D1, 73...
 
[+]

Entropy:
7.9890  (probably packed)

Code size:
63.5 KB (65,024 bytes)

The file siinst-full.exe has been seen being distributed by the following URL.

http://software-informer.software.informer.com/.../

Remove siinst-full.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.