So, I have been experiencing issues with clients that have AVG and the Remote Utilities Host exe from the MSI configurator. All of a sudden, I am getting errors like "exe can't be found" due to the antivirus eating the file. I tried talking with AVG about it after submitting samples, but they wouldn't listen. This is what they said:
Thanks for your email. Please, check virustotal link -
https://www.virustotal.com/gui/file/8c6764cecb249f71668631070b84f515566241a2b67177e820c4e3d796a02d64?nocache=1,
and our clean guidelines for more details
https://support.avg.com/supportarticleview?l=en&supporttype=home&urlname=avg-threat-lab-clean-guideline.
Thank you for your understanding.
Have a nice day.
Miro
AVG Customer Care Team
AVG Support Center
Here are the results:
Basic Properties
MD5 a9d7effc8978c05bb06d704812be6a11
SHA-1 1400ba3ed9e1a0a8ad82fe281e1e60eda58a170a
SHA-256 8c6764cecb249f71668631070b84f515566241a2b67177e820c4e3d796a02d64
Vhash 01703e0f7d701013z11z401013z1015z13z101dz
Authentihash e7d227cb3f52c26a00ed9713719b79894e6f98f9570b50ea825ec1ec24d50a8e
Imphash 19b321cb7a9ce31c90397152f38b67ea
SSDEEP 393216:HFMfDRd5Luew5Pe8K6EKB5W+OilBRLOy2PvXeolk/j0vV066u3cSgEzcy:HED1uew5mmEQg+D3OvPvXeol0ju3cCzp
TLSH T1090733C2E3E00814F9FF437299F65F2C9A7AFC98AB79230E14E4B31574A3D461916687
File type Win32 EXE
Magic PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID UPX compressed Win32 Executable (66.6%)
TrID Win32 Executable (generic) (11%)
TrID WinArchiver Mountable compressed Archive (7.3%)
TrID OS/2 Executable (generic) (4.9%)
TrID Generic Win/DOS Executable (4.9%)
File size 17.33 MB (18173096 bytes)
PEiD packer UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
History
Creation Time 2019-07-02 13:49:38 UTC
Signature Date 03:31 PM 12/22/2020
First Submission 2022-09-09 14:26:08 UTC
Last Submission 2022-09-09 14:26:08 UTC
Last Analysis 2022-09-11 07:55:47 UTC
Signature Info
Signature Verification
A certificate was explicitly revoked by its issuer.
File Version Information
Copyright Copyright © 2019 Remote Utilities LLC. All rights reserved.
Product Remote Utilities
Description Remote Utilities
File Version 6.10.10.0
Date signed 2020-12-22 21:31:00 UTC
Signers
Remote Utilities LLC
Sectigo RSA Code Signing CA
USERTrust RSA Certification Authority
Sectigo (AAA)
Counter Signers
Symantec Time Stamping Services Signer - G4
Symantec Time Stamping Services CA - G2
Thawte Timestamping CA
X509 Certificates
Symantec Time Stamping Services CA - G2
Symantec Time Stamping Services Signer - G4
USERTrust RSA Certification Authority
Remote Utilities LLC
Sectigo RSA Code Signing CA
Portable Executable Info
Header
Target Machine Intel 386 or later processors and compatible processors
Compilation Timestamp 2019-07-02 13:49:38 UTC
Entry Point 21060288
Contained Sections 3
Sections
Name Virtual Address Virtual Size MD5 Chi2
UPX0 4096 20115456 d41d8cd98f00b204e9800998ecf8427e -1
UPX1 20119552 942080 17fae7ed8d11319ae1a1446ce4c278c1 121064.54
.rsrc 21061632 17223680 e3a0d47514d89c93abfb2fd8f402a626 870587.19
Imports
msvcrt.dll
version.dll
gdi32.dll
advapi32.dll
KERNEL32.DLL
SHFolder.dll
winspool.drv
netapi32.dll
shell32.dll
ole32.dll
Contained Resources By Type
RT_STRING 37
RT_RCDATA 11
RT_CURSOR 7
RT_GROUP_CURSOR 7
RT_ICON 6
UNICODEDATA 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Contained Resources By Language
NEUTRAL 50
ENGLISH US 27
Contained Resources
SHA-256 File Type Type Language Entropy Chi2
26ad8bd8e5e67fa91f5e84623f14dfa392eba1b7742c1430f24039a16228f0a2 unknown UNICODEDATA NEUTRAL 4.43 1344588.75
e0a16eb6441e280225f96b9fecb22f42ff8f3891f2c26121d96991b74f88e9c9 unknown UNICODEDATA NEUTRAL 5.83 857141.5
85090d58aceb2ef630709a15e01e216740e85279abd5022b20b388a07015c4db unknown UNICODEDATA NEUTRAL 5.65 39383.63
5b94876780408f50c0e7a298f9cb060f5bbcbc2ddf8894fb0edfa3a6b24d35cd unknown UNICODEDATA NEUTRAL 5.13 1419150
4956615fe2817e88bbe53190d14a4b8f104706547b7eaf1852d686d86c7a9f2c unknown UNICODEDATA NEUTRAL 5.25 1660242.5
Overlay
entropy 7.433434963226318
offset 18165248
chi2 10505.12
filetype unknown
md5 0fa93d29fc0ef891baf6a6c4170f3a3f
size 7848