home

AODrag.exe

AODrag

This is a setup program which is used to install the application. The file has been seen being downloaded from www.aodrag.es.
Publisher:
AODrag

Product:
AODrag

Version:
8.00.0012

MD5:
c35602f1b14b6ae5db8f855ec0980da8

SHA-1:
084003784485a5d25f0ffc36380aef88798bb43c

SHA-256:
b41cd3acf0904e5cbc2a64b19a08a5eb2e97fe8bc9e4c8f4aecd92ec7b9c222b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 11:35:27 AM UTC  (today)

File size:
3.1 MB (3,215,360 bytes)

Product version:
8.00.0012

Copyright:
AODrag mod de Argentum Online programado por Lorwik -JuegosDrag.es

Original file name:
AODrag.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\aodrag.exe

File PE Metadata
Compilation timestamp:
2/21/2016 1:19:25 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:CJzTIh3Nsv6HjiG6xLdkVST7rUKEpXRONtqIyJt/m9MqzCnkmqnPd/36rAFz8x+z:CJzTysSGGCH7fEeVyHIXzBPMAO

Entry address:
0x78FC

Entry point:
68, 9C, 7F, 40, 00, E8, EE, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, AD, 28, 2B, 11, 12, 35, B5, 4C, 96, 53, C4, 46, 2D, 1E, FA, F9, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 41, 4F, 44, 52, 41, 47, 43, 6C, 69, 65, 6E, 74, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 3E, 00, 00, 00, E8, F9, F0, BE, 99, 53, D3, 41, 90, 07, BE, A7, 6C, 1D, C9, E5, 01, 00, 00, 00, A0, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
3 MB (3,194,880 bytes)

The file AODrag.exe has been seen being distributed by the following URL.

http://www.aodrag.es/updater/.../AODrag.exe

Scan AODrag.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.