× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 30352ba365a78475aecbf3ed143d98135cb4583f2ff1b17a3d6913d1d6134ee7
File name: RamBooster20.msi
Detection ratio: 1 / 58
Analysis date: 2018-11-03 01:46:37 UTC ( 2 months, 2 weeks ago ) View latest
Antivirus Result Update
Zillya Trojan.Packed.Win32.111482 20181102
Ad-Aware 20181103
AegisLab 20181103
AhnLab-V3 20181102
Alibaba 20180921
ALYac 20181102
Antiy-AVL 20181103
Arcabit 20181103
Avast 20181103
Avast-Mobile 20181102
AVG 20181103
Avira (no cloud) 20181103
Babable 20180918
Baidu 20181102
BitDefender 20181102
Bkav 20181102
CAT-QuickHeal 20181102
ClamAV 20181102
CMC 20181102
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181103
Cyren 20181103
DrWeb 20181103
eGambit 20181103
Emsisoft 20181103
Endgame 20180730
ESET-NOD32 20181103
F-Prot 20181103
F-Secure 20181103
Fortinet 20181103
GData 20181103
Ikarus 20181102
Sophos ML 20180717
Jiangmin 20181103
K7AntiVirus 20181102
K7GW 20181102
Kaspersky 20181103
Kingsoft 20181103
Malwarebytes 20181103
MAX 20181103
McAfee 20181102
McAfee-GW-Edition 20181102
Microsoft 20181103
eScan 20181102
NANO-Antivirus 20181102
Palo Alto Networks (Known Signatures) 20181103
Panda 20181102
Qihoo-360 20181103
Rising 20181102
SentinelOne (Static ML) 20181011
Sophos AV 20181103
SUPERAntiSpyware 20181031
Symantec 20181102
Symantec Mobile Insight 20181030
TACHYON 20181103
Tencent 20181103
TheHacker 20181031
TotalDefense 20181102
TrendMicro 20181102
TrendMicro-HouseCall 20181102
Trustlook 20181103
VBA32 20181102
VIPRE None
ViRobot 20181102
Webroot 20181103
Yandex 20181102
ZoneAlarm by Check Point 20181103
Zoner 20181103
The file being studied is a Windows Installer file! These types of files are software components used for the installation, maintenance, and removal of software on modern Microsoft Windows systems.
OLE structured storage summary
last_author
InstallShield
creation_datetime
2005-11-17 12:26:40
template
Intel;1033
author
RamBooster
page_count
200
last_saved
2005-11-17 12:26:40
keywords
Installer,MSI,Database
comments
Contact: Your local administrator
revision_number
{0904CA67-9E36-421F-910A-C5C18AF2505E}
last_printed
2005-11-17 12:26:40
application_name
InstallShield\ufffd X - Express Edition 10.0
title
Installation Database
security
1
code_page
Latin I
subject
RamBooster
OLE Streams
name
Root Entry
clsid
000c1084-0000-0000-c000-000000000046
type_literal
root
clsid_literal
on
sid
0
size
27072
type_literal
stream
sid
1
name
\x05SummaryInformation
size
556
type_literal
stream
sid
69
name
\u410d\u4137\u4781\u4126\u4825
size
294157
type_literal
stream
sid
20
name
\u4192\u4472\u3abe\u3e5b\u3ed9\u3b58\u3b1e\u3c9d\u3e0c\u4797\u46e8\u4828
size
10134
type_literal
stream
sid
60
name
\u4192\u4472\u3dfe\u46a8\u42dc\u4572\u41b7\u45f8\u47c2\u3b4a\u38ce\u3a8c\u3b0c\u3b0e\u3843\u3a04\u3b00\u38c8\u380a\u3a05\u3b87\u398e\u3b00\u3a0e\u3bcd\u423e\u423b
size
40960
type_literal
stream
sid
59
name
\u4192\u4472\u3efe\u4424\u44a5\u45b2\u4237\u47b5\u46e8\u3868\u3abf\u3b8d\u3b03\u3b0a\u3b8c\u38cc\u3901\u3808\u3a0c\u3a83\u3940\u39c8\u3b8e\u3806\u3b8c\u3b48\u47cf\u4781\u46e8\u4828
size
40960
type_literal
stream
sid
51
name
\u430b\u4131\u4735\u3cbe\u3adc\u43ec\u3aef\u4132\u41f5\u430b\u4131\u4735\u387f
size
291894
type_literal
stream
sid
49
name
\u430b\u4131\u4735\u3cbe\u3b36\u4472\u4329\u47aa\u3dd2\u4812
size
10
type_literal
stream
sid
46
name
\u430b\u4131\u4735\u3cbe\u3edc\u479d\u3d4d\u4815
size
319488
type_literal
stream
sid
42
name
\u430b\u4131\u4735\u3cbe\u3f1c\u3d4e\u3ecf\u3c0e\u3b7e\u3d55
size
106496
type_literal
stream
sid
44
name
\u430b\u4131\u4735\u3cbe\u3f1c\u4566\u44ec\u3af7\u4335\u42a7\u38a8\u4780\u3d4d\u4815
size
180224
type_literal
stream
sid
43
name
\u430b\u4131\u4735\u3cbe\u3f1c\u4566\u44ec\u47b7\u4596\u482c
size
1427968
type_literal
stream
sid
47
name
\u430b\u4131\u4735\u3cbe\u45b1\u4137\u43ef\u419c\u4335\u45f3
size
56988
type_literal
stream
sid
24
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3801
size
4534
type_literal
stream
sid
25
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3841
size
4534
type_literal
stream
sid
26
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3881
size
766
type_literal
stream
sid
27
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u38c1
size
766
type_literal
stream
sid
28
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3901
size
766
type_literal
stream
sid
29
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3941
size
766
type_literal
stream
sid
30
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3981
size
766
type_literal
stream
sid
31
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u39c1
size
766
type_literal
stream
sid
32
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3a01
size
766
type_literal
stream
sid
45
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u3a41
size
49152
type_literal
stream
sid
23
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4801
size
1033
type_literal
stream
sid
33
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4802
size
318
type_literal
stream
sid
34
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4803
size
318
type_literal
stream
sid
35
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4804
size
766
type_literal
stream
sid
36
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4805
size
3519
type_literal
stream
sid
37
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4806
size
4534
type_literal
stream
sid
38
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4807
size
766
type_literal
stream
sid
39
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4808
size
766
type_literal
stream
sid
40
name
\u430b\u4131\u4735\u3dfe\u46a8\u430b\u4131\u4735\u4809
size
10134
type_literal
stream
sid
50
name
\u430b\u4131\u4735\u3f3e\u4577\u446c\u386a\u38c0\u4783\u46f7\u4837
size
94254
type_literal
stream
sid
41
name
\u430b\u4131\u4735\u3f3e\u45e8\u43ca\u3faf\u4236\u45b5\u41fe\u43ef
size
81920
type_literal
stream
sid
48
name
\u430b\u4131\u4735\u47fe\u3f12\u3b9b\u479c\u3d4d\u4815
size
540772
type_literal
stream
sid
4
name
\u4840\u3b3f\u43f2\u4438\u45b1
size
3416
type_literal
stream
sid
63
name
\u4840\u3c9e\u421d\u45fb
size
200
type_literal
stream
sid
58
name
\u4840\u3f12\u430b\u43ef\u448b\u4564\u4827
size
26
type_literal
stream
sid
6
name
\u4840\u3f3f\u4577\u446c\u3b6a\u45e4\u4824
size
78958
type_literal
stream
sid
5
name
\u4840\u3f3f\u4577\u446c\u3e6a\u44b2\u482f
size
7924
type_literal
stream
sid
3
name
\u4840\u3f7f\u4164\u422f\u4836
size
176
type_literal
stream
sid
2
name
\u4840\u3fff\u43e4\u41ec\u45e4\u44ac\u4831
size
11496
type_literal
stream
sid
66
name
\u4840\u411b\u4327\u3af2\u45f8\u44b7\u4831
size
180
type_literal
stream
sid
18
name
\u4840\u418a\u4337\u4472\u421d\u45fb
size
408
type_literal
stream
sid
19
name
\u4840\u4192\u4472
size
12
type_literal
stream
sid
7
name
\u4840\u41ca\u4330\u3bb1\u423b\u4626\u4237\u421c\u4634\u4468\u4226
size
72
type_literal
stream
sid
8
name
\u4840\u41ca\u4330\u3fb1\u3f12\u4528\u4238\u41b1\u4828
size
78
type_literal
stream
sid
9
name
\u4840\u41ca\u45f9\u46ce\u41a8\u45f8\u3f28\u4528\u4238\u41b1\u4828
size
96
type_literal
stream
sid
14
name
\u4840\u420f\u45e4\u4578\u3b28\u4432\u44b3\u4231\u45f1\u4836
size
48
type_literal
stream
sid
13
name
\u4840\u420f\u45e4\u4578\u4828
size
16
type_literal
stream
sid
68
name
\u4840\u4216\u4327\u4824
size
12
type_literal
stream
sid
62
name
\u4840\u421d\u45fb\u45dc\u43fc\u4828
size
288
type_literal
stream
sid
65
name
\u4840\u42cc\u41a8\u3aee\u46f2
size
12
type_literal
stream
sid
61
name
\u4840\u42dc\u4572\u41b7\u45f8
size
48
type_literal
stream
sid
22
name
\u4840\u430b\u4131\u4735
size
116
type_literal
stream
sid
12
name
\u4840\u430d\u4235\u45e6\u4572\u483c
size
288
type_literal
stream
sid
67
name
\u4840\u430d\u43e4\u42b2
size
704
type_literal
stream
sid
16
name
\u4840\u430f\u422f
size
162
type_literal
stream
sid
10
name
\u4840\u4452\u45f6\u43e4\u3baf\u423b\u4626\u4237\u421c\u4634\u4468\u4226
size
408
type_literal
stream
sid
11
name
\u4840\u4452\u45f6\u43e4\u3faf\u3f12\u4528\u4238\u41b1\u4828
size
168
type_literal
stream
sid
15
name
\u4840\u448c\u44f0\u4472\u4468\u4837
size
144
type_literal
stream
sid
52
name
\u4840\u448c\u45f1\u44b5\u3b2f\u4472\u4327\u4337\u4472
size
608
type_literal
stream
sid
53
name
\u4840\u448c\u45f1\u44b5\u3baf\u4239\u45f1
size
1860
type_literal
stream
sid
64
name
\u4840\u448c\u45f1\u44b5\u482f
size
10712
type_literal
stream
sid
54
name
\u4840\u454c\u4128\u4237\u448f\u41ef\u4568
size
36
type_literal
stream
sid
56
name
\u4840\u454e\u44b5\u4835
size
600
type_literal
stream
sid
21
name
\u4840\u4559\u44f2\u4568\u4737
size
236
type_literal
stream
sid
17
name
\u4840\u4596\u3bec\u43ec\u3c68\u45a4\u482b
size
160
type_literal
stream
sid
55
name
\u4840\u460c\u45f6\u4432\u418a\u4337\u4472
size
104
type_literal
stream
sid
57
name
\u4840\u464e\u4468\u3db7\u44e4\u4333\u42b1
size
120
ExifTool file metadata
MIMEType
image/vnd.fpx

CodePage
Windows Latin 1 (Western European)

ModifyDate
2005:11:17 11:26:40

Template
Intel;1033

Author
RamBooster

FileType
FPX

Title
Installation Database

Comments
Contact: Your local administrator

Pages
200

LastModifiedBy
InstallShield

Characters
0

FileTypeExtension
fpx

Words
0

Keywords
Installer,MSI,Database

LastPrinted
2005:11:17 11:26:40

Security
Password protected

Software
InstallShield? X - Express Edition 10.0

CreateDate
2005:11:17 11:26:40

RevisionNumber
{0904CA67-9E36-421F-910A-C5C18AF2505E}

Subject
RamBooster

Compressed bundles
File identification
MD5 18f3a2c5e4b9d9ce9ddf780afbb89532
SHA1 1d62ed7459bc9a1a0ca6d4a9005ca8c340194d80
SHA256 30352ba365a78475aecbf3ed143d98135cb4583f2ff1b17a3d6913d1d6134ee7
ssdeep
49152:yVxYwYy/ki1CXY3dXG4B9RcEoqKVgd6LyurQfey7Ibr/:kYy/f1p3dXd9RNVuXykr

File size 3.6 MB ( 3740160 bytes )
File type Windows Installer
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 5.1, Last Saved By: InstallShield , Number of Characters: 0, Security: 1, Number of Words: 0, Title: Installation Database, Comments: Contact: Your local administrator, Keywords: Installer,MSI,Database, Subject: RamBooster, Author: RamBooster, Number of Pages: 200, Name of Creating Application: InstallShield� X - Express Edition 10.0, Last Saved Time/Date: Wed Nov 16 11:26:40 2005, Create Time/Date: Wed Nov 16 11:26:40 2005, Last Printed: Wed Nov 16 11:26:40 2005, Revision Number: {0904CA67-9E36-421F-910A-C5C18AF2505E}, Code page: 1252, Template: Intel

TrID Microsoft Windows Installer (79.8%)
Windows SDK Setup Transform Script (11.0%)
Windows Installer Patch (7.7%)
Generic OLE2 / Multistream Compound File (1.3%)
Tags
msi software-collection

VirusTotal metadata
First submission 2009-03-13 02:32:43 UTC ( 9 years, 10 months ago )
Last submission 2019-01-13 06:43:56 UTC ( 1 week, 2 days ago )
File names file-3275115_msi
RamBooster20.msi
rambooster_7917.msi
RamBooster 2.0.msi
RamBooster20(2).msi
RamBooster20.msi
RamBooster20(1).msi
451720
RamBooster20-spaces.ru.msi
filename
RamBooster20_2.msi
file
Ram_Booster_2.0.msi
Ram Booster 2.0.msi
RamBooster20 ( um programa que apaga os dados inteis gravados na memria RAM do computador.).msi
Baixaki_rambooster-2-0.msi
RamBooster20 (1).msi
1d62ed7459bc9a1a0ca6d4a9005ca8c340194d80
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!