» vsd38u9v.000
Overview
Analysis
File Details

vsd38u9v.000

InstallShield

Acresso Software Inc.

The file vsd38u9v.000, “InstallShield (R) Setup Engine” has been detected as malware by 7 anti-virus scanners.

File name:

vsd38u9v.000

Publisher:

Acresso Software Inc.

Product:

InstallShield

Description:

InstallShield (R) Setup Engine

Version:

16.0.400

MD5:

88fe776806d719c0040549fa67f797ba

SHA-1:

af6108be25183ee23f7d7ac996094d40366a54fb

SHA-256:

7a98d6a16f44c4751656be71e188ec675269860c036e89f63673e70f0c9adb41

Scanner detections:

7 / 68

Status:

Malware

Analysis date:

7/2/2025 6:18:03 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Win32/Heur

2014.0.4311

Baidu Antivirus

Trojan.Win32.PEMalform

4.0.3.15524

Comodo Security

TrojWare.Win32.PSW.GamePass.E

22232

ESET NOD32

Win32/RiskWare.PEMalform.B application

7.0.302.0

Fortinet FortiGate

W32/Onlinegames.ASE!tr

5/24/2015

NANO AntiVirus

Trojan.Win32.Banz.comyw

0.30.24.1636

Rising Antivirus

PE:Packer.Win32.Crypt.eg!1075333760

23.00.65.15522

File size:

1.7 MB (1,744,896 bytes)

Product version:

16.0

Original file name:

iKernel.dll

Common path:

C:\ProgramData\application data\trend micro\amsp\temp\virus\vsd38u9v.000

File PE Metadata

Compilation timestamp:

9/22/2009 12:58:40 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:ZJdVUthAn2bSkABxlJuVWF2FBHddukoE3GtXjypUrbW0ocvDNvHzdQ7:Z2tunOSVJc1zdnGlybO5e

Entry address:

0x1A86B0

Entry point:

53, 57, 56, 55, E8, 00, 00, 00, 00, 5D, 81, ED, 4C, 13, 00, 10, 8D, B5, 43, 13, 00, 10, 8B, 46, FC, 83, C0, 04, 2B, F0, FC, 8B, DE, 8B, 56, 08, 8B, 76, 1C, 03, F2, 8D, BD, 2F, 1F, 00, 10, AD, AB, AD, AB, AD, AB, AD, AB, 90, 83, 7B, 48, 01, 74, 15, 8B, 73, 44, 85, F6, 74, 0E, B9, 23, 00, 00, 00, 03, F2, 8B, 7B, 40, 03, FA, F3, A4, 8B, F3, 8D, BD, 1B, 1F, 00, 10, 01, 2F, 01, 6F, 04, 01, 6F, 08, 8D, 8D, FF, 1E, 00, 10, 51, E8, 46, 01, 00, 00, 90, 90, 90, 90, 90, 90, 90, 90, 8B, 4E, 2C, 89, 8D, 2B, 1F, 00, 10... 
[+]

Entropy:

3.3040

Code size:

1008 KB (1,032,192 bytes)

Remove vsd38u9v.000 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.