» 90ms.exe
Overview
Analysis
File Details
Downloads (141)

90ms.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www118.zippyshare.com and multiple other hosts.

File name:

90ms.exe

Version:

1, 0, 48, 05

MD5:

a511f57676793c3827ec568490e6fa65

SHA-1:

e29f5a0f8535d630fc95b61e51fac7784e6b0cfb

SHA-256:

544c419f5e58ed417d8807a0fdab068e5456126f783e62c703e228d175405efa

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/23/2024 7:56:51 AM UTC (today)

Scan engine

Detection

Engine version

ViRobot

Trojan.Win32.Downloader.216960[h]

2014.3.20.0

File size:

209.7 KB (214,770 bytes)

Product version:

1, 0, 48, 05

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\90ms.exe

File PE Metadata

Compilation timestamp:

9/25/2009 8:57:32 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

6144:kZC4d3lbxc6wU/UP+XhdMRFD3LAwektloSTHfE:14dMRU/UP4heFjLDFtloSI

Entry address:

0x73020

Entry point:

60, BE, 00, 30, 44, 00, 8D, BE, 00, E0, FB, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, A7, 18, 07, 00, 57, 83, C3, 04, 53, 68, 0F, 00, 03, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

196 KB (200,704 bytes)

The file 90ms.exe has been seen being distributed by the following 50 URLs.

http://www118.zippyshare.com/d/gLUvBz2q/.../90ms.exe

http://download1729.mediafire.com/g5btzxxb13ig/.../mc glowa.exe

http://www.speedyshare.com/j3RMd/fc463fc7/.../90ms.exe

http://download1729.mediafire.com/50igzoatxfwg/.../90ms.exe

http://199.91.152.229/632o2f6ie4rg/.../90ms.exe

http://download1729.mediafire.com/5qwlwvg75cxg/.../mc glowa.exe

http://www.speedyshare.com/j3RMd/f2f1b955/.../90ms.exe

http://download1723.mediafire.com/fchc0fc5j5jg/.../90ms.exe

http://download1723.mediafire.com/5e9f8bws19fg/.../90ms.exe

http://www118.zippyshare.com/d/gLUvBz2q/.../90ms.exe

http://www.speedyshare.com/j3RMd/7cbe3f08/.../90ms.exe

http://www118.zippyshare.com/d/gLUvBz2q/.../90ms.exe

http://www.speedyshare.com/j3RMd/d2e89a2b/.../90ms.exe

http://www118.zippyshare.com/d/gLUvBz2q/.../90ms.exe

http://download1723.mediafire.com/baycwoggk49g/.../mc glowa.exe

http://download1723.mediafire.com/t9qt4z6m4idg/.../mc glowa.exe

http://download1723.mediafire.com/v2s4fcr119gg/.../mc glowa.exe

http://download1723.mediafire.com/sauyk1h1j9tg/.../mc glowa.exe

http://download1729.mediafire.com/oc9u0fba6srg/.../90ms.exe

http://download1729.mediafire.com/wnn8y1p41big/.../mc glowa.exe

http://www.speedyshare.com/j3RMd/dfb738e7/.../90ms.exe

http://www.speedyshare.com/j3RMd/bc0a7846/.../90ms.exe

http://download1729.mediafire.com/ps25c3k35cng/.../mc glowa.exe

http://www.speedyshare.com/j3RMd/c6e526ed/.../90ms.exe

http://www118.zippyshare.com/d/gLUvBz2q/.../90ms.exe

http://download1723.mediafire.com/hikg2f00arrg/.../mc glowa.exe

http://www.speedyshare.com/j3RMd/17866375/.../90ms.exe

http://download1723.mediafire.com/rgqyo7d164ug/.../mc glowa.exe

http://download1723.mediafire.com/9mnx0l702gqg/.../mc glowa.exe

Latest 30 of 141 download URLs

Scan 90ms.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.