home

vststubsetup.exe

The application vststubsetup.exe has been detected as a potentially unwanted program by 11 anti-malware scanners.
MD5:
fd655414f825f6650a9146924794500e

SHA-1:
d01cc203ef25e79791b588365f4ba024a9a6467c

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 12:37:28 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Symmi.50024
658

avast!
Win32:Malware-gen
2014.9-150418

Baidu Antivirus
Adware.Win32.DealPly
4.0.3.15418

Bitdefender
Gen:Variant.Symmi.50024
1.0.20.540

Emsisoft Anti-Malware
Gen:Variant.Symmi.50024
8.15.04.18.09

ESET NOD32
Win32/DealPly.AD potentially unwanted (variant)
9.11106

F-Secure
Gen:Variant.Symmi.50024
11.2015-18-04_7

G Data
Gen:Variant.Symmi.50024
15.4.25

MicroWorld eScan
Gen:Variant.Symmi.50024
16.0.0.324

Panda Antivirus
Trj/Genetic.gen
15.01.08.01

Trend Micro House Call
Suspicious_GEN.F47V1224
7.2.8

File size:
76.3 KB (78,143 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\vststubsetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 2:52:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1536:nIqlTsDhqLxFPm36yPrCZz0+PsSSwFGtErsQXYX+de7XE3X5r/h/vldU:tT+hqVZm36yPETIwPrxY97XE3P/vE

Entry address:
0x10A88

Entry point:
55, 8B, EC, 83, C4, F0, B8, 28, 0A, 41, 00, E8, 7C, 3F, FF, FF, E8, 4F, 1C, FF, FF, 83, F8, 63, 75, 60, 49, 53, 00, 00, 5A, 49, 00, 00, 65, CC, 39, 00, A7, 9F, 0B, 00, 79, 51, 08, 00, EB, A8, 00, 00, 41, 08, 00, 00, 5A, 7A, 00, 00, 49, 53, 00, 00, 5A, 49, 00, 00, 6F, CC, 39, 00, A7, 9F, 0B, 00, 79, 51, 08, 00, 4F, A9, 00, 00, D1, 09, 00, 00, 5A, 7A, 00, 00, 49, 53, 00, 00, 5A, 49, 00, 00, 0B, CC, 39, 00, A7, 9F, 0B, 00, 79, 51, 08, 00, B3, A9, 00, 00, 41, 08, 00, 00, 5A, 7A, 00, 00, E8, E5, 1B, FF, FF, 85...
 
[+]

Entropy:
6.7186

Developed / compiled with:
Microsoft Visual C++

Code size:
63 KB (64,512 bytes)

Remove vststubsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.