Jump to content

Aresregular216_Installer.exe


Guest goodjohn1984

Recommended Posts

Guest goodjohn1984

This is probably either a false positive or malware.

 

aresregular216_installer.exe (It won't let me upload it here, but you can get the file at):

 

http://sourceforge.net/projects/aresgalaxy/files/aresgalaxy/AresRegular216_07102010/aresregular216_installer.exe/download

 

MD5...: abc9883331fea3b3a86c8b48bfd2cf66

 

http://www.virustotal.com/analisis/313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3-1280246039

 

http://camas.comodo.com/cgi-bin/submit?file=0b9d879d39b18d53b41708a6dfbc381938017a58eccf1881ec2d4538512a6192

 

http://www.virscan.org/report/0b59d08a57269787762158334cc75727.html

 

Additional information

File size: 2512861 bytes

MD5...: abc9883331fea3b3a86c8b48bfd2cf66

SHA1..: 6dfccb55aebbaa61692ecdb6a50f2beaab2c21d2

SHA256: 313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3

ssdeep: 49152:bFXFWr31IaEEtlU/cjvjGnK3PH6LBvdKbLRlewau1dEHYqnEDk:ZXFWrKn

0XU9lKb1Duvak

PEiD..: -

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x3154

timedatestamp.....: 0x45d6f9b0 (Sat Feb 17 12:48:48 2007)

machinetype.......: 0x14c (I386)

 

( 5 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x5be6 0x5c00 6.48 da404f02cd489060cb5c42f1f07f0c92

.rdata 0x7000 0x1218 0x1400 4.94 51e05dceb9e2610ceb6b405a26eab2f8

.data 0x9000 0x264f4 0x400 5.20 44054c0627a3ea1c6dce75d9998638c8

.ndata 0x30000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

.rsrc 0x39000 0x76c8 0x7800 5.61 5be6d87ddc2e71a76d90a61a0d42d1fe

 

( 8 imports )

> KERNEL32.dll: CloseHandle, SetFileTime, CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, ExitProcess, lstrcmpiA, GetWindowsDirectoryA, GetTempPathA, GetCommandLineA, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, lstrcmpA, GetEnvironmentVariableA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, SetErrorMode, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, MulDiv, ReadFile, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, CopyFileA

> USER32.dll: ScreenToClient, GetWindowRect, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, EndDialog, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxA, CharPrevA, DispatchMessageA, PeekMessageA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, ShowWindow, SendMessageTimeoutA, FindWindowExA, RegisterClassA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, TrackPopupMenu, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, wsprintfA

> GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject

> SHELL32.dll: SHGetMalloc, SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation

> ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA

> COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create

> ole32.dll: OleInitialize, OleUninitialize, CoCreateInstance

> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

 

( 0 exports )

RDS...: NSRL Reference Data Set

-

pdfid.: -

trid..: Win32 Executable MS Visual C++ (generic) (65.2%)

Win32 Executable Generic (14.7%)

Win32 Dynamic Link Library (generic) (13.1%)

Generic Win/DOS Executable (3.4%)

DOS Executable Generic (3.4%)

packers (Kaspersky): Swf2Swc, ASPack, ASPack, ASPack, UPX, ASPack

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

packers (F-Prot): NSIS, UTF-8, Aspack, UPX

Link to comment
Share on other sites

Guest orlando

This is probably either a false positive or malware.

 

aresregular216_installer.exe (It won't let me upload it here, but you can get the file at):

 

http://sourceforge.net/projects/aresgalaxy/files/aresgalaxy/AresRegular216_07102010/aresregular216_installer.exe/download

 

MD5...: abc9883331fea3b3a86c8b48bfd2cf66

 

http://www.virustotal.com/analisis/313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3-1280246039

 

http://camas.comodo.com/cgi-bin/submit?file=0b9d879d39b18d53b41708a6dfbc381938017a58eccf1881ec2d4538512a6192

 

http://www.virscan.org/report/0b59d08a57269787762158334cc75727.html

 

Additional information

File size: 2512861 bytes

MD5...: abc9883331fea3b3a86c8b48bfd2cf66

SHA1..: 6dfccb55aebbaa61692ecdb6a50f2beaab2c21d2

SHA256: 313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3

ssdeep: 49152:bFXFWr31IaEEtlU/cjvjGnK3PH6LBvdKbLRlewau1dEHYqnEDk:ZXFWrKn

0XU9lKb1Duvak

PEiD..: -

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x3154

timedatestamp.....: 0x45d6f9b0 (Sat Feb 17 12:48:48 2007)

machinetype.......: 0x14c (I386)

 

( 5 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x5be6 0x5c00 6.48 da404f02cd489060cb5c42f1f07f0c92

.rdata 0x7000 0x1218 0x1400 4.94 51e05dceb9e2610ceb6b405a26eab2f8

.data 0x9000 0x264f4 0x400 5.20 44054c0627a3ea1c6dce75d9998638c8

.ndata 0x30000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

.rsrc 0x39000 0x76c8 0x7800 5.61 5be6d87ddc2e71a76d90a61a0d42d1fe

 

( 8 imports )

> KERNEL32.dll: CloseHandle, SetFileTime, CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, ExitProcess, lstrcmpiA, GetWindowsDirectoryA, GetTempPathA, GetCommandLineA, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, lstrcmpA, GetEnvironmentVariableA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, SetErrorMode, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, MulDiv, ReadFile, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, CopyFileA

> USER32.dll: ScreenToClient, GetWindowRect, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, EndDialog, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxA, CharPrevA, DispatchMessageA, PeekMessageA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, ShowWindow, SendMessageTimeoutA, FindWindowExA, RegisterClassA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, TrackPopupMenu, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, wsprintfA

> GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject

> SHELL32.dll: SHGetMalloc, SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation

> ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA

> COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create

> ole32.dll: OleInitialize, OleUninitialize, CoCreateInstance

> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

 

( 0 exports )

RDS...: NSRL Reference Data Set

-

pdfid.: -

trid..: Win32 Executable MS Visual C++ (generic) (65.2%)

Win32 Executable Generic (14.7%)

Win32 Dynamic Link Library (generic) (13.1%)

Generic Win/DOS Executable (3.4%)

DOS Executable Generic (3.4%)

packers (Kaspersky): Swf2Swc, ASPack, ASPack, ASPack, UPX, ASPack

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

packers (F-Prot): NSIS, UTF-8, Aspack, UPX

 

 

The file is clean. It is also a reliable company. Unquestionably clean.

 

The total virus detections are false positives.

 

Orlando

Link to comment
Share on other sites

Guest goodjohn1984

The file is clean. It is also a reliable company. Unquestionably clean.

 

The total virus detections are false positives.

 

Orlando

 

I thought so, thank you.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...