vcredist_x86.exe

Software Updater

Ymir Entertainment Co., Ltd

The executable vcredist_x86.exe has been detected as malware by 7 anti-virus scanners.
Publisher:
Ymir Entertainment Co., Ltd  (signed and verified)

Product:
Software Updater

Version:
2.238.4.571

MD5:
9b82f93a618ffca9bc263a76bf7bb26d

SHA-1:
748f1dfabfa6637aff3f47868b429bbb86b9752a

SHA-256:
335c8855fbb796463092b690063678d1e21783b99ae26dd5202b045af9de5074

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
5/9/2024 11:51:18 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.1737367 | 937 |
| Bitdefender | Trojan.GenericKD.1737367 | 1.0.20.965 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1737367 | 8.14.07.12.07 |
| ESET NOD32 | MSIL/TrojanClicker.Agent.NFB (variant) | 8.10053 |
| F-Secure | Trojan.GenericKD.1737367 | 11.2014-12-07_7 |
| G Data | Trojan.GenericKD.1737367 | 14.7.24 |
| MicroWorld eScan | Trojan.GenericKD.1737367 | 15.0.0.579 |

File size:
23.1 KB (23,624 bytes)

Product version:
2.238.4.571

Copyright:
Copyright © Microsoft

Original file name:
SoftwareUpdater.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\start menu\programs\startup\vcredist_x86.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
6/6/2012 3:00:00 AM

Valid to:
8/6/2014 2:59:59 AM

Subject:
CN="Ymir Entertainment Co., Ltd", O="Ymir Entertainment Co., Ltd", L=GyangNam-Gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
40DB0889DC1AE4DCB8A753D60220CAB8

File PE Metadata
Compilation timestamp:
7/1/2014 5:21:18 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:9XnjxQFvFlLNAxFX2pfTpcDBnrTff4pwk0oavaOlT1dh18Bc2RBc0FBc7Bc2ti44:9zxQFvF52BnXfDopOVh18Bc2RBcYBc7I

Entry address:
0x5E9E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
5.7800

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
16 KB (16,384 bytes)

User Start Menu Item
Name:
vcredist_x86.exe

