artmoney733-spaces.ru.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from cs8f.userfiles.me.
MD5:
8ff36a478c91ef30694951cb0a4e47fe

SHA-1:
7b5f47893b9b664d456edad1284f3cba86290265

SHA-256:
6d81dca2ad0eede1280fea51f85c755f344d18af5fad927ec48b344e3ef54f95

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 12:43:45 AM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/MalwareF.LWIE
v6.4.7.1.166

K7 AntiVirus
Riskware
13.175.10814

File size:
762 KB (780,288 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\artmoney733-spaces.ru.exe

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:z+aOvaKiP4QMg+i5rAKkqoUtFB6ynrv09y6hIGjEbQllWb28Wh:zLCaKa4QMgLPkqfnr8w/ijWbb

Entry address:
0x2D2001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 20, 2D, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72...
 
[+]

Packer / compiler:
ASPack v2.12

Code size:
2.1 MB (2,233,856 bytes)

The file artmoney733-spaces.ru.exe has been seen being distributed by the following URL.

Scan artmoney733-spaces.ru.exe - Powered by Reason Core Security