» windows-7-professionalnaya-sp1-x86-x64-2-in-1-rus-23-10-2011-6-1-7601-17514-1-x86-x64- torrentino.ex
Overview
Analysis
File Details

windows-7-professionalnaya-sp1-x86-x64-2-in-1-rus-23-10-2011-6-1-7601-17514-1-x86-x64- torrentino.ex

BI IT Solutions

The file windows-7-professionalnaya-sp1-x86-x64-2-in-1-rus-23-10-2011-6-1-7601-17514-1-x86-x64- torrentino.ex by BI IT Solutions has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

BI IT Solutions (signed and verified)

MD5:

cb78141a5f949ff6a83bed3d20253079

SHA-1:

786534e64d040762fecaa27f0df65fba29d0eb65

SHA-256:

0ed948a569f39f6fbda6a0a4da1a867ef6ef8988408957ce2ce773b1fbea9bef

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

5/16/2024 12:05:14 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.12.13.6

File size:

297.3 KB (304,464 bytes)

Common path:

C:\users\{user}\downloads\windows-7-professionalnaya-sp1-x86-x64-2-in-1-rus-23-10-2011-6-1-7601-17514-1-x86-x64- torrentino.exe

Digital Signature

Signed by:

BI IT Solutions

Authority:

COMODO CA Limited

Valid from:

6/6/2014 3:00:00 AM

Valid to:

6/7/2015 2:59:59 AM

Subject:

CN=BI IT Solutions, O=BI IT Solutions, STREET="Shipilovskaya, 64/1", L=Moscow, S=Moscow oblast, PostalCode=115682, C=RU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7D3EDAEE82E839BAD7AC658E539D34B7

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x1000

Entry point:

E9, 3B, F5, 03, 00, 66, C7, 05, 45, 10, 44, 00, 54, 1A, 66, 83, 3D, 8E, 10, 44, 00, 64, 7E, 08, 89, 15, 8C, 10, 44, 00, EB, 0B, C7, 05, 43, 10, 44, 00, 60, 68, 01, 00, 48, C7, 05, C0, 10, 44, 00, 8F, 50, 01, 00, C7, 05, D0, 10, 44, 00, BB, 0A, 01, 00, C3, C3, 8D, 40, 00, FF, 25, 24, 10, 44, 00, B8, 40, 10, 40, 00, C3, 66, C7, 05, 45, 10, 44, 00, 54, 1A, 66, 83, 3D, 8E, 10, 44, 00, 64, 7E, 08, 89, 15, 8C, 10, 44, 00, EB, 0B, C7, 05, 43, 10, 44, 00, 60, 68, 01, 00, 48, C7, 05, C0, 10, 44, 00, 8F, 50, 01, 00... 
[+]

Packer / compiler:

Xtreme-Protector v1.05

Code size:

254.5 KB (260,608 bytes)

Remove windows-7-professionalnaya-sp1-x86-x64-2-in-1-rus-23-10-2011-6-1-7601-17514-1-x86-x64- torrentino.ex - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.