1_offer_2.exe

The application 1_offer_2.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from fastdl1.us.
MD5:
7a90ba89d82d37bbb87fd8f5e2da6a8b

SHA-1:
59f8f8786ea506047621f857ae11e00fd4352272

SHA-256:
07215c7cc5396a553bdfc2537a8ccb598531b887051fe811a2f09884b25598c4

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 10:48:12 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.BundledOffer.Meta (L)

Engine version:
16.3.14.19

File size:
339 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\1_offer_2.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6:qzmSOvDn7jAs9Q7g2rGANFGbsIM4mGvmQaK4fGO2hUYMWXz:kDuD7jD9QEEGoFGYIM4mPQaK4BE/MWj

Entry point:
3C, 68, 74, 6D, 6C, 3E, 3C, 62, 6F, 64, 79, 3E, 3C, 62, 3E, 54, 68, 65, 20, 70, 61, 67, 65, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 64, 69, 73, 70, 6C, 61, 79, 65, 64, 20, 62, 65, 63, 61, 75, 73, 65, 20, 61, 6E, 20, 69, 6E, 74, 65, 72, 6E, 61, 6C, 20, 73, 65, 72, 76, 65, 72, 20, 65, 72, 72, 6F, 72, 20, 68, 61, 73, 20, 6F, 63, 63, 75, 72, 72, 65, 64, 2E, 3C, 2F, 62, 3E, 3C, 73, 63, 72, 69, 70, 74, 3E, 76, 61, 72, 20, 67, 6C, 6F, 62, 61, 6C, 20, 3D, 20, 5B, 22, 50, 69, 6D, 7A, 65, 68, 73, 51, 36, 58, 54...
 

Entropy:
5.1983

The file 1_offer_2.exe has been seen being distributed by the following URL.
