» themeforest 669895 ammon_10924_i84256407_il345.exe
Overview
Analysis
File Details

themeforest 669895 ammon_10924_i84256407_il345.exe

Sony PC Companion

KASHTAN OOO

The executable themeforest 669895 ammon_10924_i84256407_il345.exe has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

Sony Mobile Communications (signed by KASHTAN OOO)

Product:

Sony PC Companion

Version:

2.10.275

MD5:

a520cbb4aa151daf24deee2d378e4d92

SHA-1:

4b6f0b00894c3cf3578718e5a9bf7542b814f749

SHA-256:

a789b6a88a32c7718356e39509808096c6923fc8f3f6f41198efcaa97981b893

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

5/15/2024 11:48:18 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.2.26.23

File size:

4.6 MB (4,863,704 bytes)

Product version:

2.10.275

Sony

Original file name:

stub32i.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\themeforest+669895+ammon \themeforest 669895 ammon_10924_i84256407_il345.exe

Digital Signature

Signed by:

KASHTAN OOO

Authority:

Thawte, Inc.

Valid from:

7/4/2015 8:00:00 PM

Valid to:

5/21/2016 7:59:59 PM

Subject:

CN=KASHTAN OOO, O=KASHTAN OOO, L=Naberezhnye Chelny, S=Tatarstan republic, C=RU

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

468BE39F7FCABE2D4D2D070862DD916B

File PE Metadata

Compilation timestamp:

11/13/2015 11:32:49 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x3896F6

Entry point:

68, 00, DF, F2, D5, E8, 9B, F8, FF, FF, 0F, 86, F7, E2, 01, 00, 83, C8, FF, 8B, E5, 66, 0F, 4B, ED, 5D, C3, 0F, 83, 1E, 00, 00, 00, 8B, 7D, FC, 66, F7, C7, 0E, 3F, F5, 0F, B6, 3F, F5, C1, E6, 08, 66, 85, D9, F9, C1, E0, 08, 0B, F7, FF, 45, FC, F5, F8, 8B, F8, C1, EF, 0B, E9, 3A, 75, 02, 00, 66, 89, 3C, 0B, E9, E0, 66, 00, 00, 66, 89, BC, 59, 98, 01, 00, 00, 8D, 14, 51, 8B, F8, F8, F5, 89, 55, F8, 0F, B7, 12, 3B, D6, 81, FF, 00, 00, 00, 01, E9, 71, FD, 01, 00, 0F, F7, 9D, B0, 0D, 91, 88, FA, 38, 6C, E3, 8F... 
[+]

Code size:

3.3 MB (3,467,264 bytes)

Remove themeforest 669895 ammon_10924_i84256407_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.