vsd6os5l.000

InstallShield

Acresso Software Inc.

The file vsd6os5l.000, “InstallShield (R) Setup Engine”, has been detected as malware by 6 anti-virus scanners.
Publisher:
Acresso Software Inc.

Product:
InstallShield

Description:
InstallShield (R) Setup Engine

Version:
15.0.591

MD5:
e3e50627f24df7bed44ec79c2fd5ea0f

SHA-1:
13115ab4287f517e23f0b71feceebaea1673f64a

SHA-256:
3b25e2b34b0df4d0c22ea915d1de18390ac2e8509aac9290cec0011263239bd1

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
4/29/2024 8:31:08 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AVG | Win32/Heur | 2014.0.4311 |
| Baidu Antivirus | Trojan.Win32.PEMalform | 4.0.3.15524 |
| Comodo Security | TrojWare.Win32.Kryptik.~NT | 22232 |
| ESET NOD32 | Win32/RiskWare.PEMalform.B application | 7.0.302.0 |
| Fortinet FortiGate | W32/Onlinegames.ASE!tr | 5/24/2015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.154E47DA!357451738 | 23.00.65.15522 |

File size:
1.6 MB (1,683,456 bytes)

Product version:
15.0

Copyright:
Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.

Original file name:
iKernel.dll

Common path:
C:\ProgramData\application data\trend micro\amsp\temp\virus\vsd6os5l.000

File PE Metadata
Compilation timestamp:
9/11/2008 1:33:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:psQtvFayV47sBhOz/+IlMSbi0Na41VYuqNj7:aQtvFayV47Wh2WIJbioa41VYlt7

Entry address:
0x1996B0

Entry point:
53, 57, 56, 55, E8, 00, 00, 00, 00, 5D, 81, ED, 4C, 13, 3B, 00, 8D, B5, 43, 13, 3B, 00, 8B, 46, FC, 83, C0, 04, 2B, F0, FC, 8B, DE, 8B, 56, 08, 8B, 76, 1C, 03, F2, 8D, BD, 2F, 1F, 3B, 00, AD, AB, AD, AB, AD, AB, AD, AB, 90, 83, 7B, 48, 01, 74, 15, 8B, 73, 44, 85, F6, 74, 0E, B9, 23, 00, 00, 00, 03, F2, 8B, 7B, 40, 03, FA, F3, A4, 8B, F3, 8D, BD, 1B, 1F, 3B, 00, 01, 2F, 01, 6F, 04, 01, 6F, 08, 8D, 8D, FF, 1E, 3B, 00, 51, E8, 46, 01, 00, 00, 90, 90, 90, 90, 90, 90, 90, 90, 8B, 4E, 2C, 89, 8D, 2B, 1F, 3B, 00...
 

Entropy:
3.2824

Code size:
952 KB (974,848 bytes)
