home

android apps.exe

The application android apps.exe has been detected as a potentially unwanted program by 7 anti-malware scanners. This is a setup program which is used to install the application. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from 50ftwares.com.
MD5:
c0b1121cc56a79b80fc15f76ee97e939

SHA-1:
a3316997fe7fa15b98309620d720182a5d82fc5c

SHA-256:
a4a67b58466f8c45a3b59ed793df68b6b3c3429047f4b8a4188dccc288aef253

Scanner detections:
7 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
5/18/2024 10:18:56 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/InstallCore.Gen
7.11.77.220

Dr.Web
Adware.InstallCore.101
9.0.1.0124

ESET NOD32
Win32/InstallCore.BH (variant)
10.8322

F-Prot
W32/Backdoor2.HRPX
v6.4.7.1.166

K7 AntiVirus
Backdoor
13.166.8668

Reason Heuristics
PUP.InstallCore.ENG (M)
16.5.3.19

Trend Micro House Call
TROJ_GEN.F47V0327
7.2.124

File size:
598.2 KB (612,568 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\android apps.exe

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:8rslasGBnvvXy1OXPSiVFJuYii7K09Z+xOFETLyk7xHn5t:8AUPBnvvXDXP3VFJxKiZ+xNLvT

Entry address:
0x12EF80

Entry point:
60, BE, 00, 40, 4A, 00, 8D, BE, 00, D0, F5, FF, C7, 87, 10, 47, 0E, 00, 4B, 3F, D8, 6B, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Entropy:
7.8466

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
560 KB (573,440 bytes)

The file android apps.exe has been seen being distributed by the following URL.

http://50ftwares.com/.../54595

Remove android apps.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.