home

avataria cheat (c).exe

This is a setup program which is used to install the application. The file has been seen being downloaded from wedmak.ru.
MD5:
dc0dccc01c15093be4bb5ad843627cd1

SHA-1:
e373cf4285225bacd0afa0d9dee969b02a6ceacb

SHA-256:
8d61863b65cb9b475ba8daa32fa0021f904c48707bc68d700e619c430f220b9f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:55:34 AM UTC  (today)

File size:
1.2 KB (1,260 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
Compilation timestamp:
1/28/2072 7:51:12 PM

OS bitness:
Win64

Subsystem:

Linker version:
0.140

.NET CLR dependent:
Yes

CTPH (ssdeep):
24:8+0OYfI4mMDyibVoFNedFelHZyhgcpZPhGKCCxy81teB38cZy:8D3mMDMFNedQzA1WCxl6B

Entry address:
0x7201D0DE

Entry point:
4C, 00, 00, 00, 01, 14, 02, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, 9B, 00, 08, 00, 20, 00, 00, 00, 8C, D8, 22, DE, F8, BE, D0, 01, 8C, 05, 0E, 19, 6A, DE, D0, 01, 72, 96, 20, 07, 6A, DE, D0, 01, F1, 17, 72, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1A, 01, 48, 00, 31, 00, 00, 00, 00, 00, 19, 47, DC, 55, 11, 00, 49, 4F, 00, 00, 36, 00, 09, 00, 04, 00, EF, BE, 9B, 45, 08, 85, 19, 47, DC, 55, 2E, 00, 00, 00, FE, 54, 00, 00, 00, 00, B0, 00, 00, 00, 00, 00...
 
[+]

The file avataria cheat (c).exe has been seen being distributed by the following URL.

http://wedmak.ru/Avataria Cheat (c).exe

Scan avataria cheat (c).exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.