test-drive-unlimited-2-rus-_torrentino.exe

Downloader for Torrentino.Com

The application test-drive-unlimited-2-rus-_torrentino.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. The file has been seen being downloaded from www.torrentino.com.
Product:
Downloader for Torrentino.Com

Version:
1, 0, 0, 1

MD5:
44fc35cbca7e029dee56dda67977dbed

SHA-1:
6db9ad0e2de4628b121e3fd0ae009e2e2502ecd2

SHA-256:
9e32df2362fb25c3fb8427619684e38b9f149a21477f4bb46a6e10078f7a8528

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 7:14:52 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Heur.IPZ.4 | 852 |
| AhnLab V3 Security | Trojan/Win32.LoadMoney | 2014.10.06 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 7.11.30.172 |
| avast! | Win32:LoadMoney-BI [Trj] | 141003-0 |
| AVG | Trojan horse Crypt2.BZEO | 2014.0.4025 |
| Bitdefender | Gen:Heur.IPZ.4 | 1.0.20.1395 |
| Comodo Security | TrojWare.Win32.Kryptik.BAJ | 19716 |
| Dr.Web | Trojan.LoadMoney.15 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Heur.IPZ | 14.10.06 |
| ESET NOD32 | Win32/Kryptik.BPWV trojan | 7.0.302.0 |
| Fortinet FortiGate | W32/Kryptik.BPWV!tr | 10/6/2014 |
| F-Prot | W32/LoadMoney.S.gen | 4.6.5.141 |
| F-Secure | Gen:Heur.IPZ.4 | 11.2014-06-10_2 |
| G Data | Gen:Heur.IPZ | 14.10.24 |
| IKARUS anti.virus | Gen.Heur | t3scan.1.7.8.0 |
| K7 AntiVirus | Trojan | 13.183.13584 |
| Kaspersky | not-a-virus:Downloader.Win32.LMN | 15.0.0.494 |
| Malwarebytes | PUP.Optional.LoadMoney | v2014.10.06.04 |
| McAfee | PUP-FNB | 5600.6986 |
| MicroWorld eScan | Gen:Heur.IPZ.4 | 15.0.0.837 |
| NANO AntiVirus | Trojan.Win32.Downloader.cqhkhq | 0.28.2.62440 |
| Norman | Downloader.HJNZ | 11.20141006 |
| Panda Antivirus | Trj/Genetic.gen | 14.10.06.04 |
| Quick Heal | TrojanDwnldr.Agent.A6 | 10.14.14.00 |
| Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.141004 |
| Sophos | Troj/LdMon-D | 4.98 |
| VIPRE Antivirus | Threat.4657539 | 33624 |

File size:
300 KB (307,200 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2005 - 2013

Original file name:
Downloader.exe

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\users\{user}\downloads\test-drive-unlimited-2-rus-_torrentino.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:P+M0xpgrm3f6ZMiJwMooIzx+HqmY6WBRDhfAh:h4SivIJJwvoO5+Wrl

Entry address:
0x1018

Entry point:
68, 70, 8B, 41, 00, C3, 8B, C0, 55, 8B, EC, 83, C4, D4, C6, 45, D7, 00, E8, 49, 06, 00, 00, FE, 45, D7, 80, 7D, D7, 03, 75, F2, E8, 3B, 06, 00, 00, 83, FB, FF, 7F, 0E, 29, 0D, B3, 00, 42, 00, 89, 05, 83, 00, 42, 00, EB, 1C, C7, 05, 16, 00, 42, 00, AD, 04, 01, 00, 89, 0D, 51, 00, 42, 00, 89, 15, F1, 00, 42, 00, 89, 1D, 74, 00, 42, 00, 89, 05, 44, 00, 42, 00, 8B, 0D, CB, 00, 42, 00, E8, FB, 05, 00, 00, C6, 05, 19, 00, 42, 00, D2, FE, 05, C8, 00, 42, 00, 8D, 1D, 5E, 00, 42, 00, 83, 6B, 28, 76, 89, 3D, 5F, 00...
Entropy:
5.2501

Code size:
95.5 KB (97,792 bytes)

The file test-drive-unlimited-2-rus-_torrentino.exe has been seen being distributed by the following URL.
