5.31.f.exe

The program is a setup application that uses the Self-extracting archive installer. The file has been seen being downloaded from fileshare1060.depositfiles.org and multiple other hosts.
MD5:
bf98a1ee7d1b9c0c9f98e245358ace9e

SHA-1:
139cd4c0df1a0ec1265929f9be3e5ca3dec65555

SHA-256:
423021974455a4cfae124d5aba8a4b1454bc7bfc48dd0d093ed85df2c4d14d3f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/16/2024 5:54:29 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
QVM10.1.Malware.Gen
1.0.0.1120

File size:
3.9 MB (4,128,424 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Self-extracting archive

Common path:
C:\users\{user}\downloads\5.31.f.exe

File PE Metadata
Compilation timestamp:
2/15/2015 2:00:31 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:BFn+uDv5p1YRlTCR+CAz8rKGAzuwJTbTNoEtCt:DnDvu3+OsZpwJ/pC

Entry address:
0x1D7CB

Entry point:
E8, 85, 63, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 82, FC, FF, FF, C7, 06, 20, B2, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 20, B2, 42, 00, E9, 37, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, 20, B2, 42, 00, E8, 24, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 52, CA, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08...
 
[+]

Entropy:
7.9867  (probably packed)

Code size:
162 KB (165,888 bytes)

The file 5.31.f.exe has been seen being distributed by the following 50 URLs.

http://fileshare1060.depositfiles.org/auth-1462813469765ff4d89f70b8f391dcc4-190.143.47.170-2558183194-165804997-guest/.../5.31.F.exe

blob:BC06C080-BB05-4307-9441-E651F0F8F41A

http://fileshare1060.depositfiles.org/auth-1457519399d7ab981dd09fc3bd41b795-190.31.105.213-2493091234-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1462234182c7d7b040016b18470d8ab6-181.91.28.244-2551472179-165804997-guest/.../5.31.F.exe

blob:298C80CD-3A46-4014-8A39-629A4865349A

blob:2477571E-3C75-4DF4-A7A4-64893B436A17

http://fileshare1060.depositfiles.org/auth-14570385709843a328a16c6084bc0e6e-201.191.85.236-2487266771-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1462169730294caa711d58f3b69f45d9-201.119.228.93-2550675205-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1467644934fa987de5e762f1395b994c-181.44.212.10-2612229080-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-145982940938292d06b4507b4bcb9447-189.249.46.181-2522457386-165804997-guest/.../5.31.F.exe

blob:9501286B-5571-4183-91B6-51694EAC41DE

http://fileshare1060.dfiles.eu/auth-146523213611251cf64f55174c68f214-88.6.149.172-2585834155-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1464295127b45227fafd9ff3e178af32-190.217.168.39-2575147294-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1459963296bb8741cfe3257440b90616-190.45.80.57-2524117972-165804997-guest/.../5.31.F.exe

http://fileshare1060.dfiles.eu/auth-146188313319f5b171b11295b25f1ddd-88.21.19.210-2547360114-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-147025548444512ad6315440e73b0f79-187.190.21.11-2639906685-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-14644718107893e3d5cb32eab5229a07-179.57.65.249-2577185709-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1466194756c5f9fa46eb4da5c6e00753-181.113.97.12-2596603211-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1465599821d7b69511c6b50591910aaa-186.19.12.73-2589907677-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.com/auth-146587065517402456f0b98765a24500-41.174.153.137-2592993602-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-146449684341f472b1c22dac889ab151-201.141.152.150-2577433008-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.com/auth-14688793219f2d99d4592bb57e22bd93-74.139.159.122-2625030133-165804997-guest/.../5.31.F.exe

http://fileshare1060.depositfiles.org/auth-1464637137debe4253824dd6e5a86661-190.191.176.122-2579116304-165804997-guest/.../5.31.F.exe

blob:49E373A9-28DE-44D9-BAA2-31BD70EB53D3

blob:3EC4BF6A-E155-4ECE-AEED-3D409FDAA2C9

blob:BCA4DC01-D298-4DB6-ADE5-E009097072C6

http://fileshare1060.dfiles.eu/auth-14682525943d762656fa13219e647b10-5.225.36.242-2618571783-165804997-guest/.../5.31.F.exe

http://fileshare1060.dfiles.eu/auth-1461763003ab6824b5058334c93a9daa-90.163.253.131-2545893859-165804997-guest/.../5.31.F.exe

http://s24.copiapop.com/download?e=VAmYjJtAIwlTd3sH6PEPt_pdkMd1jgzcQNaeAQgj9lw1psH5G2Z4xKDAprwkTcx3eGgL0ksC2EV9tbamewlHP_NzcHSd-nH16sXNFc4KM3ppW5xJRIBJ2iUPCq7FZlWUHRaRl7MPlupe0RJeZ9pvQ0FTfriZgFMqpOM2no362-xIj_KJAGSb0PCfPZm0MzsZ

temp:WR5.31 by AGT.exe

Latest 30 of 62 download URLs

Scan 5.31.f.exe - Powered by Reason Core Security