قط على سطح المكتب (زيزوم نت ).exe

The executable قط على سطح المكتب (زيزوم نت ).exe has been detected as malware by 7 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.wynnea.com and multiple other hosts.
MD5:
0e4baee67e1dce71c1a334e22e50380e

SHA-1:
6eb1cb1d94a00daf1fb91218b050fdcba8436c03

SHA-256:
7ff0ecf2953b8662ede1577e330a514f09992c18aa3c14ed77cf2ffc115b0866

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
12/26/2024 5:00:18 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Orsam
7.1.1

AhnLab V3 Security
Win-AppCare/Xema.307200
2014.02.12

Baidu Antivirus
Trojan.Win32.ScreenMate
4.0.3.14220

Bkav FE
W32.MalwareOnlineGH.Trojan
1.3.0.4924

Comodo Security
ApplicUnsaf.Win32.Joke.ScreenMate
17771

ESET NOD32
Win32/Joke.ScreenMate
8.9411

Fortinet FortiGate
Riskware/ScreenMate
2/20/2014

File size:
300 KB (307,200 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\screenmates\قط على سطح المكتب (زيزوم نت ).exe

File PE Metadata
Compilation timestamp:
8/20/1999 4:45:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:QbB8IHeMQjhIWPrjAlZbXJsPAzCi7/isD:QthHeMQjZPrgZbWCCi7V

Entry address:
0x10B57

Entry point:
55, 8B, EC, 6A, FF, 68, 30, 78, 41, 00, 68, E8, 40, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 90, 71, 41, 00, 33, D2, 8A, D4, 89, 15, A4, F6, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, A0, F6, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 9C, F6, 41, 00, C1, E8, 10, A3, 98, F6, 41, 00, 33, F6, 56, E8, F1, 12, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 14, 28, 00, 00, FF, 15, 88, 71, 41, 00, A3, A0, 0C, 42, 00, E8...
 
[+]

Code size:
88 KB (90,112 bytes)

The file قط على سطح المكتب (زيزوم نت ).exe has been seen being distributed by the following 12 URLs.

http://www.wynnea.com/.../felix.exe