חמאס מפרסם סרטון כך חטפנו את החייל שאול אהרון.mp4.exe

The application חמאס מפרסם סרטון כך חטפנו את החייל שאול אהרון.mp4.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. The file has been seen being downloaded from www.goo.gl.
Version:
0.0.0.0

MD5:
2f96bbcbfecc43bf9f245fa25d3645ab

SHA-1:
ece2cac25e3f3d8bd1f2a76eab4061a7a5fb98df

SHA-256:
eee52113caec531fd5befceb1a1e6205c585d2775bc4ed70196c22c5962fa2dd

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 4:18:12 PM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Barys.743 | 258 |
| Agnitum Outpost | Trojan.Inject | 7.1.1 |
| Avira AntiVirus | TR/Bladabindi.A.1280 | 7.11.172.168 |
| avast! | MSIL:GenMalicious-KX [Trj] | 2014.9-160521 |
| AVG | MSIL4 | 2017.0.2736 |
| Baidu Antivirus | Trojan.MSIL.Inject | 4.0.3.16521 |
| Bitdefender | Gen:Variant.Barys.743 | 1.0.20.710 |
| Comodo Security | UnclassifiedMalware | 19538 |
| Emsisoft Anti-Malware | Gen:Variant.Barys.743 | 8.16.05.21.11 |
| ESET NOD32 | MSIL/Injector.CJJ (variant) | 10.10429 |
| F-Secure | Gen:Variant.Barys.743 | 11.2016-21-05_7 |
| G Data | Gen:Variant.Barys.743 | 16.5.24 |
| IKARUS anti.virus | Trojan.Win32.Agent | t3scan.1.7.8.0 |
| K7 AntiVirus | Unwanted-Program | 13.183.13393 |
| Kaspersky | Trojan.MSIL.Inject | 14.0.0.175 |
| Malwarebytes | Backdoor.Agent.RDL | v2016.05.21.11 |
| McAfee | RDN/Generic.dx!d2h | 5600.6392 |
| Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.11005 |
| MicroWorld eScan | Gen:Variant.Barys.743 | 17.0.0.426 |
| NANO AntiVirus | Trojan.Win32.Inject.dcwofn | 0.28.2.62151 |
| Norman | Troj_Generic.VCMMQ | 11.20160521 |
| Panda Antivirus | Trj/CI.A | 16.05.21.11 |
| Qihoo 360 Security | Win32/Trojan.791 | 1.0.0.1015 |
| Quick Heal | Trojan.MSI.r3 | 5.16.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R00JC0OGQ14 | 7.2.142 |
| VIPRE Antivirus | Trojan.Win32.Generic | 33188 |

File size:
531.5 KB (544,256 bytes)

Product version:
0.0.0.0

Original file name:
DAFA.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\חמאס מפרסם סרטון כך חטפנו את החייל שאול אהרון.mp4.exe

File PE Metadata
Compilation timestamp:
7/23/2014 9:04:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:JLqYeXoCx42INde48XUIUDL2/qm7bDSnqBFQ9aP8Z56MPPxbZ:JjhCAcUP9aI56MPPxbZ

Entry address:
0x6DF28

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
5.9555

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
432 KB (442,368 bytes)

The file חמאס מפרסם סרטון כך חטפנו את החייל שאול אהרון.mp4.exe has been seen being distributed by the following URL.