yuta_-_lyubimyy_moy_zaycev_net.exe

INFORMATSIONNYE TEKHNOLOGII, OOO

The application yuta_-_lyubimyy_moy_zaycev_net.exe by INFORMATSIONNYE TEKHNOLOGII, OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
INFORMATSIONNYE TEKHNOLOGII, OOO  (signed and verified)

MD5:
2f0962455803d79427805d2abe5446f8

SHA-1:
b1e04b8edf94c83bebac1d97344e05a4f4cf958f

SHA-256:
ea8060457862b29e217aa7fe5c2a5d7dea300a4615c367ad2143d0d6500ca547

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/25/2024 12:32:34 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.INFORMATSIONNYETEKHNOLOGII (M)

Engine version:
16.2.14.7

File size:
140 KB (143,320 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\нась нетрогать\yuta_-_lyubimyy_moy_zaycev_net.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/24/2014 9:00:00 AM

Valid to:
1/25/2015 8:59:59 AM

Subject:
CN="INFORMATSIONNYE TEKHNOLOGII, OOO", O="INFORMATSIONNYE TEKHNOLOGII, OOO", STREET="4-6 str. 3, per. Nikoloyamski", L=Moscow, S=Moscow region, PostalCode=109004, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4D9D81FB1247142AE81FF73D60F97FD3

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:iuowQ3w+F61ptO19crN/otxkzZoVfeuUCRyVEE:dowQzE1ptAHXfcCEEE

Entry address:
0x1A6C0

Entry point:
83, 3D, A2, F5, 41, 00, 04, 75, 30, 89, 0C, 14, 40, 00, FF, 25, D4, A6, 41, 00, 40, A7, 41, 00, 62, 89, 1D, CD, F0, 41, 00, 2B, 3D, 48, F0, 41, 00, 89, DA, 66, C7, 05, AD, F0, 41, 00, 1B, AD, 83, 3D, 28, F2, 41, 00, 00, 74, D5, E8, 76, E5, FF, FF, C6, 05, F7, F0, 41, 00, A6, 89, 3D, 42, F0, 41, 00, C7, 05, 90, F0, 41, 00, 2F, 33, 01, 00, 8B, 0D, 80, F1, 41, 00, 83, F9, 00, 74, B9, BE, 0C, 14, 40, 00, C7, 05, 14, F0, 41, 00, 0C, 10, 40, 00, 89, 35, 18, F0, 41, 00, FF, 25, 14, F0, 41, 00, 89, E4, 18, 40, 00...
 

Code size:
102.5 KB (104,960 bytes)
