Aresregular216_Installer.exe

Guest goodjohn1984

This is probably either a false positive or malware.

 

aresregular216_installer.exe (It won't let me upload it here, but you can get the file at):

 

http://sourceforge.net/projects/aresgalaxy/files/aresgalaxy/AresRegular216_07102010/aresregular216_installer.exe/download

 

MD5...: abc9883331fea3b3a86c8b48bfd2cf66

 

http://www.virustotal.com/analisis/313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3-1280246039

 

http://camas.comodo.com/cgi-bin/submit?file=0b9d879d39b18d53b41708a6dfbc381938017a58eccf1881ec2d4538512a6192

 

http://www.virscan.org/report/0b59d08a57269787762158334cc75727.html

 

Additional information

File size: 2512861 bytes

MD5...: abc9883331fea3b3a86c8b48bfd2cf66

SHA1..: 6dfccb55aebbaa61692ecdb6a50f2beaab2c21d2

SHA256: 313b98f22273883626128260d3cde82f25e40bfe0df912c7a1482ae3e141b0b3

ssdeep: 49152:bFXFWr31IaEEtlU/cjvjGnK3PH6LBvdKbLRlewau1dEHYqnEDk:ZXFWrKn

0XU9lKb1Duvak

PEiD..: -

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x3154

timedatestamp.....: 0x45d6f9b0 (Sat Feb 17 12:48:48 2007)

machinetype.......: 0x14c (I386)

 

( 5 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x5be6 0x5c00 6.48 da404f02cd489060cb5c42f1f07f0c92

.rdata 0x7000 0x1218 0x1400 4.94 51e05dceb9e2610ceb6b405a26eab2f8

.data 0x9000 0x264f4 0x400 5.20 44054c0627a3ea1c6dce75d9998638c8

.ndata 0x30000 0x9000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

.rsrc 0x39000 0x76c8 0x7800 5.61 5be6d87ddc2e71a76d90a61a0d42d1fe

 

( 8 imports )

> KERNEL32.dll: CloseHandle, SetFileTime, CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, ExitProcess, lstrcmpiA, GetWindowsDirectoryA, GetTempPathA, GetCommandLineA, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, lstrcmpA, GetEnvironmentVariableA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, SetErrorMode, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, MulDiv, ReadFile, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, CopyFileA

> USER32.dll: ScreenToClient, GetWindowRect, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, EndDialog, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxA, CharPrevA, DispatchMessageA, PeekMessageA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, ShowWindow, SendMessageTimeoutA, FindWindowExA, RegisterClassA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, TrackPopupMenu, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, wsprintfA

> GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject

> SHELL32.dll: SHGetMalloc, SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation

> ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA

> COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create

> ole32.dll: OleInitialize, OleUninitialize, CoCreateInstance

> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

 

( 0 exports )

RDS...: NSRL Reference Data Set

-

pdfid.: -

trid..: Win32 Executable MS Visual C++ (generic) (65.2%)

Win32 Executable Generic (14.7%)

Win32 Dynamic Link Library (generic) (13.1%)

Generic Win/DOS Executable (3.4%)

DOS Executable Generic (3.4%)

packers (Kaspersky): Swf2Swc, ASPack, ASPack, ASPack, UPX, ASPack

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

packers (F-Prot): NSIS, UTF-8, Aspack, UPX

Guest orlando


The file is clean. It is also a reliable company. Unquestionably clean.

 

The total virus detections are false positives.

 

Orlando

Guest goodjohn1984

I thought so, thank you.
