еврейская народная песня - 7-40 (одесская).exe

Vkontakte DJ Installer

The application еврейская народная песня - 7-40 (одесская).exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from setup.vkdjmusic.com and multiple other hosts.
Product:
Vkontakte DJ Installer

Version:
1.9.1.18

MD5:
164fb35b630147f9b762bc86d5abd56a

SHA-1:
4d74cb370296bb087dc5a3bed61fbf8dc58e81cf

SHA-256:
d2d23d5c2009308204da2ce557411e30efb203ddc6675b3f3aa377e52a6c8a6f

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 7:34:25 AM UTC

Scan engine | Detection | Engine version
Dr.Web | Program.VKontakteDJ.6 | 9.0.1.0276
Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.1333
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015
Rising Antivirus | PE:Malware.RDM.40!5.2E[F1] | 23.00.65.151001

File size:
562 KB (575,488 bytes)

Product version:
1.9.1.18

Copyright:
Copyright © 2015

Original file name:
DjLoader.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
9/30/2015 12:39:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:W1gBtFb4P7qsKQ0jnAt4BknkA3F2n/QzKsDBtFC:WgJb4DBKQ0jnpBknk624usDJC

Entry address:
0x6A98E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
418.5 KB (428,544 bytes)

The file еврейская народная песня - 7-40 (одесская).exe has been seen being distributed by the following 23 URLs.
