sevenzip-apset.exe

Omicron Installer

DMN Partners SRL

The application sevenzip-apset.exe by DMN Partners SRL has been detected as a potentially unwanted program by 12 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Live__Soft__Action  (signed by DMN Partners SRL)

Product:
Omicron Installer

Version:
9.31.3.1

MD5:
9a3ffa5645fa84c252a973e9aafcfef2

SHA-1:
21de99f98371d08febf08934c13b2c501c5ce5df

SHA-256:
ae50b496c069d43035d0e36f1e82d4370d9ba123c475c873a86394445f309870

Scanner detections:
12 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
5/14/2024 3:37:18 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | PUP/Win32.GetNow | 2015.08.05 |
| Avira AntiVirus | PUA/GetNow.Gen | 8.3.1.6 |
| avast! | Win32:Trojan-gen | 2014.9-151003 |
| Dr.Web | Trojan.InstallCore.1139 | 9.0.1.0276 |
| ESET NOD32 | Win32/GetNow.I potentially unwanted (variant) | 9.12044 |
| K7 AntiVirus | Unwanted-Program | 13.207.16784 |
| Malwarebytes | PUP.Optional.Getnow | v2015.10.03.12 |
| Reason Heuristics | PUP.DMNPartners.Installer (M) | 15.8.17.20 |
| Sophos | Live Soft Action (PUA) | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 42624 |

File size:
658.7 KB (674,496 bytes)

Product version:
9.31.3.1

Copyright:
(c) Live__Soft__Action. All rights reserved.

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\sevenzip-apset.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/12/2015 2:00:00 AM

Valid to:
6/12/2016 1:59:59 AM

Subject:
CN=DMN Partners SRL, O=DMN Partners SRL, STREET=Str Liviu Rebreanu 46-58, L=Bucharest, S=District 3, PostalCode=031793, C=RO

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3EB036A1CA66096F2715D12685C107F3

File PE Metadata
Compilation timestamp:
7/29/2015 4:57:25 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:Jlf17vYog0B4LpUBLd/TN6cJwozqiHSZvs+q350Obnoy90HS:Jx17Yog0BlBd/TscJxmISZHG0zyIS

Entry address:
0x1A80B0

Entry point:
60, BE, 00, C0, 51, 00, 8D, BE, 00, 50, EE, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
564 KB (577,536 bytes)
