» sptdinst-x86.exe
Overview
Analysis
File Details

sptdinst-x86.exe

SCSI Pass Through Direct

Duplex Secure Ltd

The executable sptdinst-x86.exe, “SCSI Pass Through Direct setup” has been detected as malware by 39 anti-virus scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.

File name:

sptdinst-x86.exe

Publisher:

Duplex Secure Ltd. (signed by Duplex Secure Ltd)

Product:

SCSI Pass Through Direct

Description:

SCSI Pass Through Direct setup

Version:

1.78.0.0 built by: WinDDK

MD5:

a12daf167d311bdb8c2d2459f5cf80b8

SHA-1:

d738e7d4ec9e14cf3d9f3daa8cd15ca3c449ab4c

SHA-256:

81e5b7452eb354f0ff3c031311f8a9a22dc6e0e8f09369a7b22b3d9ff9b0604e

Scanner detections:

39 / 68

Status:

Malware

Analysis date:

4/26/2024 2:31:47 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Parite.B

6503561

Agnitum Outpost

Win32.Parite.B

7.1.1

AhnLab V3 Security

Win32/Parite

2015.03.14

Avira AntiVirus

W32/Parite

7.11.217.16

avast!

Parite

150303-0

AVG

Win32/Parite

2014.0.4257

Baidu Antivirus

Virus.Win32.Parite.$b

4.0.3.15313

Bitdefender

Win32.Parite.B

1.0.20.360

Bkav FE

W32.Pinfi.B

1.3.0.6379

Clam AntiVirus

Heuristics.W32.Parite.B

0.98/20189

Comodo Security

Virus.Win32.Parite.gen

21398

Dr.Web

Win32.Parite.2

9.0.1.072

Emsisoft Anti-Malware

Win32.Parite

9.0.0.4799

ESET NOD32

Win32/Parite.B virus

7.0.302.0

Fortinet FortiGate

W32/Parite.B

3/13/2015

F-Prot

W32/Parite.B

4.6.5.141

F-Secure

Win32.Parite.B

11.2015-13-03_6

G Data

Win32.Parite

15.3.25

IKARUS anti.virus

Virus.Parite

t3scan.1.8.6.0

K7 AntiVirus

Virus

13.200.15259

Kaspersky

Virus.Win32.Parite

15.0.0.543

McAfee

Virus.W32/Pate.b

16.8.708.2

Microsoft Security Essentials

Threat.Undefined

1.193.2090.0

MicroWorld eScan

Win32.Parite.B

16.0.0.216

NANO AntiVirus

Virus.Win32.Parite.bgvo

0.30.0.296

Norman

Win32.Parite.B

03.12.2014 13:20:04

nProtect

Virus/W32.Parite.C

15.03.13.01

Panda Antivirus

W32/Parite.B

15.03.13.03

Quick Heal

W32.Perite.A

3.15.14.00

Rising Antivirus

PE:Win32.Parite.b!16043

23.00.65.15311

Sophos

Virus 'W32/Parite-B'

5.12

Total Defense

Win32/Pinfi.A

37.0.11492

Trend Micro House Call

PE_PARITE.A

7.2.72

Trend Micro

PE_PARITE.A

10.465.13

Vba32 AntiVirus

Virus.Win32.Parite.b

3.12.26.3

VIPRE Antivirus

Threat.46249

37788

ViRobot

Win32.Parite.A[h]

2014.3.20.0

Zillya! Antivirus

Virus.Parite.Win32.9

2.0.0.2098

File size:

767 KB (785,370 bytes)

Product version:

1.78.0.0

Original file name:

sptdinst.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\daemon tools lite\sptdinst-x86.exe

Digital Signature

Signed by:

Duplex Secure Ltd

Authority:

VeriSign, Inc.

Valid from:

7/20/2010 7:00:00 PM

Valid to:

8/21/2013 6:59:59 PM

Subject:

CN=Duplex Secure Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Duplex Secure Ltd, S=Nevis, C=KN

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

621126C5A45D51531C0B913750EBA75C

File PE Metadata

Compilation timestamp:

2/27/2011 1:29:26 PM

OS version:

6.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:Y47yW/rPvcEzXU+pnA5lGe44dlBLgkI/jNcIuR+J/QF1x6alyksmrqVevvCI:Y4GAPE4UGe44dokIjFuO2vXrJrBnCI

Entry address:

0x97000

Entry point:

68, 2E, 3F, E6, 1D, 58, 68, 20, 70, 49, 00, 5E, 90, 68, 98, 05, 00, 00, 5A, 90, 90, 31, 04, 32, 90, 90, 83, EA, 02, 83, EA, 02, 90, 90, 75, F1, C6, 42, E7, 1D, 2E, 3F, E6, 1D, 2E, 3F, A6, 1D, 2A, 6F, EF, 1D, 16, 7B, EF, 1D, F4, 74, EF, 1D, 2E, 8F, E4, 1D, D1, C0, 19, E2, 06, 0D, A1, 1D, 98, 0B, A1, 1D, E4, 0B, A1, 1D, 82, 35, E1, 1D, 9A, 0B, E1, 1D, E6, 0B, E1, 1D, 06, 33, E1, 1D, 9A, 0B, E1, 1D, E6, 0B, E1, 1D, 2E, 3F, E6, 1D, 2E, 3F, E6, 1D, 2E, 3F, E6, 1D, 2E, 3F, E6, 1D, 2E, 3F, E6, 1D, 2E, 3F, E6, 1D... 
[+]

Entropy:

7.9115 (probably packed)

Code size:

14.5 KB (14,848 bytes)

Remove sptdinst-x86.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.