Avira analysis

The file 'Trial Reset.exe' has been determined to be 'DAMAGED FILE (UNKNOWN)'. In particular this means that this file is damaged and not working properly. We could not find any malicious content. However the heuristic detection module may still detect this particular file even though it is damaged. In that case we will not adjust and remove detection for this damaged file.

I guess that explains it…

NORMAN sandbox
Trial Reset.exe : Not detected by Sandbox (Signature: W32/Suspicious_Gen2)

[ DetectionInfo ]
* Filename: C:\analyzer\scan\Trial Reset.exe.
* Sandbox name: NO_MALWARE
* Signature name: W32/Suspicious_Gen2.ERLUN.
* Compressed: YES.
* TLS hooks: NO.
* Executable type: Application.
* Executable file structure: OK.
* Filetype: PE_I386.

[ General information ]
* Decompressing UPX3.
* File length: 510186 bytes.
* MD5 hash: 782c0b7a148bc388de80fd4141b8e1cf.
* SHA1 hash: 8075f12ef7b1e4c0612eeb908c192e8da51c60e1.
* Packer detection: UPX 2.90 LMA.

[ Changes to registry ]
* Accesses Registry key “HKCU\Control Panel\Mouse”.
* Accesses Registry key “HKCU\Software\AutoIt v3\AutoIt”.