Blog Archives

WS.Reputation.1

Posted on October 1, 2012 by reporter — No Comments ↓

File Name: e0a675015acdb36dd222e9e57d4b36c0.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 02.10.2012 1:32:53

Check: [Clean]

MD5: E0A675015ACDB36DD222E9E57D4B36C0

ssdeep: 0::

Size: 864680

PE64: False

System: Win32 GUI

Entry point: E8 FB 2E 00 00 E9 16 FE FF FF 55 8B EC 83 EC 04 89 7D FC 8B 7D 08 8B 4D 0C C1 E9 07 66 0F EF C0 EB 08 8D A4 24 00 00 00 00 90 66 0F 7F 07 66 0F 7F 47 10 66 0F 7F 47 20 66 0F 7F 47 30 66 0F 7F 47

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	05962A2C16EA40395E7B662814EBA9FD	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTui

384:RTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLVO5:RTpFNee/zgjmzAYKcX/xA9LQ5Y

Signatures

Type	Signature
MD5	E0A675015ACDB36DD222E9E57D4B36C0:864680:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: GuardConvert.exe, irsetup.exe, MicroProCon.exe, Uninstall.exe
Posted in Detected

Artemis!88C9E1DC90B3

Posted on October 1, 2012 by reporter — No Comments ↓

File Name: 88c9e1dc90b3eb807950856e07a5ce05.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 02.10.2012 1:02:12

Check: [Clean]

MD5: 88C9E1DC90B3EB807950856E07A5CE05

ssdeep: 0::

Size: 864672

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	05962A2C16EA40395E7B662814EBA9FD	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTui

384:RTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLVO5:RTpFNee/zgjmzAYKcX/xA9LQ5Y

Signatures

Type	Signature
MD5	88C9E1DC90B3EB807950856E07A5CE05:864672:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: GuardConvert.exe, irsetup.exe, MicroProCon.exe, Uninstall.exe
Posted in Detected

Win32.Adware-ADK [PUP]

Posted on September 20, 2012 by reporter — No Comments ↓

File Name: fd43bd303d1380d80b45c48c4ce1c4a8.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 20.09.2012 14:32:19

Check: [Clean]

MD5: FD43BD303D1380D80B45C48C4CE1C4A8

ssdeep: 0::

Size: 865080

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	05962A2C16EA40395E7B662814EBA9FD	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Hudhg829BgtaiRnpuRTk4Tkpkj2UKqmBPItTuiRnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:HF9biQHudhg829BgtaiQRnpuRTk4Tkpkj2UKqmBPItTuiQ

384:RTpFNee/zgjmzAYKcX/xA9LQ5Y5RTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLVO5:RTnt/zcmAHcvxTY5RTpFNee/zgjmzAYKcX/xA9LQ5Y5

Signatures

Type	Signature
MD5	FD43BD303D1380D80B45C48C4CE1C4A8:865080:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTpFNee/zgjmzAYKcX/xA9LQ4jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTnt/zcmAHcvx jTpFNee/zgjmzAYKcX/xA9LQ4:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: Downloader, GuardConvert.exe, irsetup.exe, MicroProCon.exe, Uninstall.exe
Posted in Detected

Trojan-Spy.Win32.Zbot.bfgu

Posted on September 18, 2012 by reporter — No Comments ↓

File Name: 939389f62dd9f3b26d7dd39a39ae6c21.exe

Original Name: usercontrol.EXE

Product Name: ??? ?? ???

Product Version: 1, 0, 0, 1

File Version: 1, 0, 0, 1

DB Updates: 18.09.2012 12:02:08

Check: [Threat] Trojan-Spy.Win32.Zbot.bfgu

MD5: 00000000000000000000000000000000

ssdeep: 3072:GMKD1RamIxpDIK5e/dzMvkjs 9A8FWV6:G7D1RaJp0KM/ykHAMvq

Size: 147456

PE64: False

System: Win32 GUI

Entry point: 55 8B EC 6A FF 68 E8 7B 40 00 68 84 59 40 00 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 83 EC 68 53 56 57 89 65 E8 33 DB 89 5D FC 6A 02 FF 15 DC 72 40 00 59 83 0D 90 A3 40 00 FF 83 0D 94 A3 40 00

Name	Attrib	MD5	Size
.text	60000020	7903474F37BC6FC29CAC972E16B9EEFC	24576
.rdata	40000040	7100AF31AB596652D41AE0C59D3D64E7	12288
.data	C0000040	22273AB16718660F8AA0F21B60FF838C	4096
.rsrc	40000040	10A4971BF463035EFDB26F479C17E3D2	102400

ssdeep

384:nH2jqexyS0iXJbfx3ZQwXOW5i1iioGjsPfglSP:HTDS0iJfx3etD1iioYiYE

192:qURBgePTQgrMQqdcnm0fxuXURBgexbl61oyaPtBhOLAD:TBgqsgoQqUm0fxDBg6p61wlBBD2

12:Nuec1khVluNueclXkhVluwWY6ueH8lXpO/ouAslluP8MXACTPjY6ueHxmeme /RO/ohbQAOxlO Qv4uMQj:zmEVlNNuec1khVluYNueclXkhVluYwWY6ueH8lXpO/ouAslluPA

1536:45e/dzMvkjs 9A8FWV645xk6KdzMvkjs 9Nyw6x8IqTH9vYV6smyeeeA:4M/ykHAMvq45e/dzMvkjs 9A8FWV6q

Signatures

Type	Signature
MD5	00000000000000000000000000000000:147456:VirusName
NAC	863B1AE3FF7EC20C6408BA2C175134EF:10:VirusName
RIC	DE11A8FFC44B69E1EEA8E38B771E528F:15032:VirusName
FIC	2:192:6rIIItguQ9Ikt9K4NWK ImwbVKc6rIIIGKguQ9TMkt9Of4cUeiisKvKHER7ImwZy5mVKwa0:S5AIk/CKdmwbVB6rIIIItguQ9Ikt9K4NWK ImwbVKc:95:VirusName
SEC	4:.text!24576\|.rdata!12288\|.data!4096\|.rsrc!102400:VirusName

Tagged with: Downloader, GuardConvert.exe, inst_launcher_wsp004.exe, irsetup.exe, jinsa1.exe, MicroProCon.exe, Translation.exe, Uninstall.exe
Posted in Detected

TROJ_GEN.F47V0808

Posted on August 10, 2012 by reporter — No Comments ↓

File Name: 8e0870a64c3b4bdd3d98d85114c26348.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 10.08.2012 3:31:57

Check: [Clean]

MD5: 8E0870A64C3B4BDD3D98D85114C26348

ssdeep: 12288:jRpcgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V qrJIuMpSsJno:ncgCYQ1LGum4sx8Kofd/uV wL5

Size: 734176

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	05962A2C16EA40395E7B662814EBA9FD	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTuiQ

384:RTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLVO5:RTpFNee/zgjmzAYKcX/xA9LQ5Y5

Signatures

Type	Signature
MD5	8E0870A64C3B4BDD3D98D85114C26348:734176:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ4:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: irsetup.exe, MicroProCon.exe, Spy, Uninstall.exe
Posted in Detected

suf80_launch.exe

Posted on July 19, 2012 by reporter — No Comments ↓

File Name: 4919e7a49df7e9f1b66ed136d9aa8973.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 19.07.2012 15:32:22

Check: [Clean]

MD5: 4919E7A49DF7E9F1B66ED136D9AA8973

ssdeep: 12288:ARMcgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V q23Ott7f5EJj:9cgCYQ1LGum4sx8Kofd/uV 33w7fGJj

Size: 784896

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	A07986F37307D7C54C5B46CCFA41403E	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnnnnnnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTuiQ

384:sTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLV T:sTpFNee/zgjmzAYKcX/xA9LQ5gT

Signatures

Type	Signature
MD5	4919E7A49DF7E9F1B66ED136D9AA8973:784896:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ4:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: Conv.exe, GuardConvert.exe, irsetup.exe, MicroProCon.exe, MicroProProc.exe, Uninstall.exe
Posted in Undetected

suf80_launch.exe

Posted on July 19, 2012 by reporter — No Comments ↓

File Name: d288bacecff7c00217d69c0139691d59.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 19.07.2012 15:02:21

Check: [Clean]

MD5: D288BACECFF7C00217D69C0139691D59

ssdeep: 12288:7RMcgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V q2DGtt7f5EJMaf8:ucgCYQ1LGum4sx8Kofd/uV 3Do7fGJPE

Size: 784912

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	A07986F37307D7C54C5B46CCFA41403E	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnnnnnnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTuiQ

384:sTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLV T:sTpFNee/zgjmzAYKcX/xA9LQ5gT

Signatures

Type	Signature
MD5	D288BACECFF7C00217D69C0139691D59:784912:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ4:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: Conv.exe, GuardConvert.exe, irsetup.exe, MicroProCon.exe, MicroProProc.exe, Uninstall.exe
Posted in Undetected

suf80_launch.exe

Posted on July 19, 2012 by reporter — No Comments ↓

File Name: c3def0f1369080c319389fd0f441f2d6.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 19.07.2012 14:32:13

Check: [Clean]

MD5: C3DEF0F1369080C319389FD0F441F2D6

ssdeep: 12288:HRMcgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V q2y6XIott7f5EJn:ScgCYQ1LGum4sx8Kofd/uV 3y6Yu7fGV

Size: 784944

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	A07986F37307D7C54C5B46CCFA41403E	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnnnnnnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTuiQ

384:sTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLV T:sTpFNee/zgjmzAYKcX/xA9LQ5gT

Signatures

Type	Signature
MD5	C3DEF0F1369080C319389FD0F441F2D6:784944:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ4:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: Conv.exe, GuardConvert.exe, irsetup.exe, MicroProCon.exe, MicroProProc.exe, Uninstall.exe
Posted in Undetected

suf80_launch.exe

Posted on July 19, 2012 by reporter — No Comments ↓

File Name: 9de8cd97ed1fc43f8a8e9d841335418c.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 19.07.2012 8:02:39

Check: [Clean]

MD5: 9DE8CD97ED1FC43F8A8E9D841335418C

ssdeep: 12288:nRMcgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V q2pQvott7f5EJ2m:ycgCYQ1LGum4sx8Kofd/uV 3pQm7fGJz

Size: 784944

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	A07986F37307D7C54C5B46CCFA41403E	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnnnnnnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTuiQ

384:sTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLV T:sTpFNee/zgjmzAYKcX/xA9LQ5gT

Signatures

Type	Signature
MD5	9DE8CD97ED1FC43F8A8E9D841335418C:784944:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ4:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: Conv.exe, GuardConvert.exe, irsetup.exe, MicroProCon.exe, MicroProProc.exe, Uninstall.exe
Posted in Undetected

suf80_launch.exe

Posted on July 19, 2012 by reporter — No Comments ↓

File Name: cbb512c47ed0dc6f3eafaf46655c469a.exe

Original Name: suf80_launch.exe

Product Name: Setup Factory 8.0 Runtime

Product Version: 8.2.1.0

File Version: 8.2.1.0

DB Updates: 19.07.2012 4:02:57

Check: [Clean]

MD5: CBB512C47ED0DC6F3EAFAF46655C469A

ssdeep: 12288:tRMcgCYxPVQ1KRLLIyDASbumfbKFsdrojwSzunLEjzaQ/K1V q2aitt7f5EJf872:QcgCYQ1LGum4sx8Kofd/uV 3as7fGJkC

Size: 783848

PE64: False

System: Win32 GUI

Name	Attrib	MD5	Size
.text	60000020	A8DBCAC095AEF6F1FF0F56E91C5ABC15	32768
.rdata	40000040	EFB6029B9A5F70171975F6B5A16C78CE	12288
.data	C0000040	CF8D7DD9F4B828868DB85743B8601F51	4096
.rsrc	40000040	A07986F37307D7C54C5B46CCFA41403E	28672

ssdeep

768:y0/t90Pcr/QS2KTBKxZFrYMB3XD20E4fOZ:llmPcrBd0ZvtD20fGE

192:DBbYzcnW/K4BnnnnnnnnnnLuvorHNK2k49a3y6QydYOBe:DBQV7huvesow1QydjBek

24:Rnpul/P6uSkeK/6uSkeKuhBSqUR2Nb2GL/ulmtzPPAtpLBuezyF2fSGma:RnpuRTk4Tkpkj2UKqmBPItTuiQ

384:sTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEuPzLV T:sTpFNee/zgjmzAYKcX/xA9LQ5gT

Signatures

Type	Signature
MD5	CBB512C47ED0DC6F3EAFAF46655C469A:783848:VirusName
NAC	E7F018CAFF46EA121F709090ECE0CFCB:25:VirusName
RIC	91F826D2F28EE2589096B58F23A16CC8:25064:VirusName
FIC	2:384:jTjSCVCvwdfzbteVp 1ZFdgll1QzQ8SjZa9UcX/xNQAA8GjMyQEui:jTpFNee/zgjmzAYKcX/xA9LQ4:95:VirusName
SEC	4:.text!32768\|.rdata!12288\|.data!4096\|.rsrc!28672:VirusName

Tagged with: Conv.exe, GuardConvert.exe, irsetup.exe, MicroProCon.exe, MicroProProc.exe, Uninstall.exe
Posted in Undetected