home

windows7activation2.exe

Innova Soluyushns OOO

The application windows7activation2.exe by Innova Soluyushns OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Innova Soluyushns OOO  (signed and verified)

MD5:
174866bd35544dde5fb8b70bafe2cddd

SHA-1:
b5400efd4c12a1590e2daa0dcdeb63529f97306f

SHA-256:
306a69f4d99447897a97fcc2046352c9d79651a2652cdab8a4602e26727c386c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
5/17/2024 5:04:43 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.11.10

File size:
662.4 KB (678,280 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\windows7activation2\windows7activation2.exe

Digital Signature
Signed by:
Innova Soluyushns OOO

Authority:
COMODO CA Limited

Valid from:
11/11/2014 3:00:00 AM

Valid to:
11/12/2015 2:59:59 AM

Subject:
CN=Innova Soluyushns OOO, O=Innova Soluyushns OOO, STREET="Mukomolny, 2/1", L=Moscow, S=Moscow region, PostalCode=123290, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5B6A93520D54B6626ADB1AF5B6FDE0A0

File PE Metadata
Compilation timestamp:
1/29/2015 11:21:12 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.29

Entry address:
0x82DD

Entry point:
FC, 09, E1, F5, 4A, 0F, BA, F0, 1E, 87, F1, 87, CD, C1, ED, 07, FC, C1, E7, 16, 03, 0D, 02, A2, 44, 00, 3B, 7C, 24, 08, F7, D6, C1, E6, 1F, 13, 4C, 24, 04, 19, C9, 0F, BA, FB, 13, D1, C2, 0F, BA, FE, 18, C1, CB, 14, 0F, BA, F0, 12, C1, D9, 0F, F9, F7, D1, 0B, 0D, 5E, DD, 45, 00, C1, EE, 1C, 81, EF, 3D, D7, 13, 23, 1B, 3D, E4, 1D, 40, 00, C1, CB, 18, 0F, BA, F3, 16, C1, E7, 0E, 21, E7, A1, 26, CF, 45, 00, F5, 03, 44, 24, 08, 81, DE, D7, CC, F4, 5D, 39, 54, 24, 14, 0F, BA, E0, 03, F9, FC, F7, D0, C1, E3, 07...
 
[+]

Code size:
507 KB (519,168 bytes)

Remove windows7activation2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.