home

additionaloffers-setup.exe

MD5:
13e4b0c613358a7d701622e85f709d06

SHA-1:
eedfabda176bed0504d5f5183c81359e88bad1a1

SHA-256:
7f1b131b2a343a0ddb18c8b00cd2d64cfb29becfb91de7e12108be9766f913f6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 10:50:12 AM UTC  (today)

File size:
759.5 KB (777,704 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\additionaloffers-setup.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
12288:Sg2eXgcAoipKnOyVywZQxZs3j2Au/WcbR4Gw5mcAZ4mxTr+raEsSD0H3i3ggQL:3duInOyVKy3yAu/Wcb9ImxTr+rB4S6L

Entry point:
00, 00, 00, 4E, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, 1A, 31, B7, 91, 2A, 3A, DD, 25, E3, A1, DB, 6E, D7, 23, 0E, 09, 00, 01, 00, 04, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, D5, 2E, 00, 00, 00, 00, 20, 00, 00, 00, A5, 48, F2, 72, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, DE, 08, 00, 00, 00, 00, 00, 00, DE, 08, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D1, 49, BA, 05, 16, 08, 62, 91, C8, 00, FD, 51, AF, 73, A3, A6, 00, 00, 12, 00, 49, 01, 00...
 
[+]

Entropy:
7.0213

The file additionaloffers-setup.exe has been seen being distributed by the following URL.

http://files4.downloadmaster1.com/download/.../dl?bc=1188307&pid=kmp&brand=kmplayer.com&s=noprimary&country=TH&cb=75270574&osName=unknown&browserName=unknown&zTmp=1&executable=1188295

Scan additionaloffers-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.