home

activedancer.exe

Active Dancer

ActiveDancer.com

This is a setup and installation application. The file has been seen being downloaded from www.activedancer.com.
Publisher:
ActiveDancer.com

Product:
Active Dancer

Description:
Self-Extracting Package for Active Dancer Installer

Version:
6.0.0.1

MD5:
9ff991c435274340ddb200ed6b07a875

SHA-1:
e2ae4a5655dd3e911b503d11dedda87b1ff7e217

SHA-256:
71a640142651e166605b3c11c20e5d5f3c71a2914f74914c3d8ec8ced9850136

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/27/2024 1:28:50 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.KillFiles.27496
9.0.1.05190

ViRobot
Trojan.Win32.A.Agent.689865[h]
2014.3.20.0

File size:
673.7 KB (689,865 bytes)

Product version:
6.0.0.1

Copyright:
Copyright ActiveDancer.com

Trademarks:
ActiveDancer.com

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\activedancer.exe

File PE Metadata
Compilation timestamp:
4/13/2015 6:00:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
12288:Njc4N/E8oAGZtdbGKM5If5WAnoHwRqwI0rQ+D+vDiE2ucvfbD80ikjqMad:a/8oAGZDViq5dmwlrjy+E2uMf83eG

Entry address:
0xB960

Entry point:
55, 89, E5, 6A, FF, 68, 54, 3D, 41, 00, 68, 48, CF, 40, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 83, EC, 08, 83, EC, 48, 53, 56, 57, 89, 65, E8, 68, 00, 00, 00, 02, E8, FD, 2E, 00, 00, 59, A3, A4, 50, 41, 00, E8, 12, 19, 00, 00, 85, C0, 74, 2F, C7, 45, FC, 00, 00, 00, 00, E8, 32, 1B, 00, 00, E8, ED, 1B, 00, 00, E8, 38, 1C, 00, 00, E8, 33, 20, 00, 00, E8, CE, 20, 00, 00, BB, 60, 4D, 41, 00, 81, FB, 60, 4D, 41, 00, 73, 1C, EB, 0D, 6A, FE, E8, 88, 21, 00, 00, 59, E9, 91, 00, 00, 00, FF, 13...
 
[+]

Entropy:
7.6049

Code size:
68.5 KB (70,144 bytes)

The file activedancer.exe has been seen being distributed by the following URL.

http://www.activedancer.com/.../ActiveDancer.exe

Scan activedancer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.