vlc-2.2.1-win32.exe

The executable vlc-2.2.1-win32.exe has been detected as malware by 7 anti-virus scanners. It is infected by an entry-point obscuring polymorphic file infector that creates a peer-to-peer botnet and receives URLs of additional files to download. The file has been seen being downloaded from free.nchc.org.tw.
MD5:
a43a9c697c22e1b684f6c22867eaa358

SHA-1:
fc9883ad5b9b3dc4fde0d01d50e1404bb2bc8489

SHA-256:
cb27e94292493f04733e2bbca020d64ba747abf7274e443a5f7f01a7914d8905

Scanner detections:
7 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/18/2024 3:53:12 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:SaliCode | 160111-0 |
| AVG | Win32/Sality | 2015.0.4489 |
| ESET NOD32 | Win32/Sality.NBA virus | 7.0.302.0 |
| Kaspersky | Virus.Win32.Sality | 15.0.0.562 |
| McAfee | Virus.W32/Sality.gen.z | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.3100.0 |
| VIPRE Antivirus | Threat.4721115 | 46444 |

File size:
227.5 KB (232,960 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\vlc-2.2.1-win32.exe

File PE Metadata
Compilation timestamp:
12/16/2014 4:04:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.24

CTPH (ssdeep):
3072:sFwRDtHF9P/452MJa+boijl9yNya5QxTjcqe:ZN/fMJa+bcy7pjcqe

Entry address:
0x4377

Entry point:
EB, 04, F2, 0F, B7, CF, 20, C8, 49, B2, D0, 0F, B7, DA, 85, DF, 0F, AF, C6, 8D, 2D, 58, 7E, A2, 42, 8B, DA, 3B, CA, 0F, BF, F9, FE, CD, 48, 0F, B7, EF, 84, D4, F7, C3, B5, 77, 96, 7C, 14, 10, BE, BA, A3, 4B, AD, 40, 69, FD, 95, 7A, 90, 83, E8, 00, 00, 00, 00, 69, C8, 30, FC, 83, F7, BB, 2F, 70, 9C, F1, 21, C6, 85, F5, 8D, 35, E6, 49, 6B, 78, 80, FC, 2F, 8B, CE, 0F, AF, DA, 68, 20, DD, 00, 00, B4, 52, 10, C6, 5D, 0F, B7, F3, 0F, AF, DA, 81, F5, 66, 17, 00, 00, 43, 33, FD, 49, 42, 5B, 8D, 0D, C4, AC, 9E, 66...

Entropy:
4.7898

Code size:
34.5 KB (35,328 bytes)

The file vlc-2.2.1-win32.exe has been seen being distributed by the following URL.
