7z428-spaces.ru.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from cs09.superfiles.me.
MD5:
9da43d6dc7316cf1d7b288b8acda0c72

SHA-1:
2f7858ddc90ef9b0a30233a47de531acf9c7c330

SHA-256:
ca1624d65bd5fcd814fa398a303e7f347c8f868ca658a959a8be075650aef4dc

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 2:41:45 AM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Dropper.Dinwod.Win32.1811
2.0.0.2647

File size:
1 MB (1,088,662 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\7z428-spaces.ru.exe

File PE Metadata
Compilation timestamp:
8/26/2005 2:19:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:iDtgiIDooNbumgy8M12Y0xavwS71vnBCCzO/t:iBgieB4a7lngt

Entry address:
0x3335

Entry point:
83, EC, 20, 53, 55, 56, 33, F6, 57, 89, 74, 24, 18, BD, 68, 91, 40, 00, 89, 74, 24, 14, C6, 44, 24, 10, 20, FF, 15, 30, 70, 40, 00, 56, FF, 15, 80, 72, 40, 00, 68, 8C, 92, 40, 00, 68, 60, 3B, 42, 00, A3, 10, 44, 42, 00, E8, D8, 27, 00, 00, BB, 00, B4, 42, 00, BF, 00, 04, 00, 00, 53, 57, FF, 15, B4, 70, 40, 00, E8, 79, FF, FF, FF, 85, C0, 75, 24, 68, FB, 03, 00, 00, 53, FF, 15, 58, 71, 40, 00, 68, 84, 92, 40, 00, 53, E8, B2, 27, 00, 00, E8, 59, FF, FF, FF, 85, C0, 0F, 84, 46, 01, 00, 00, BE, 00, A0, 42, 00...
 
[+]

Code size:
22.5 KB (23,040 bytes)

The file 7z428-spaces.ru.exe has been seen being distributed by the following URL.

Scan 7z428-spaces.ru.exe - Powered by Reason Core Security