home

b2.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from b2-31d2.kxcdn.com.
MD5:
0701ec5db752ea6496b36388316a202d

SHA-1:
0363952c7c8d6e5b508d84ccfe3dca14fc1343ba

SHA-256:
891c68b2e7da6d5ec1ba907be192a261225457d3f97fcde0f95b3af400640ee2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:23:51 AM UTC  (today)

File size:
159.4 KB (163,234 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\b2.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3072:gkciMyLgI/yk3yElpJ4DHPJm2DAQ8Rr1AmhPS0deJl+DyIslLQi:MhoRxl+JODpAK1deJUDwLQi

Entry point:
F2, 41, 89, 8F, 4A, 4F, 09, D5, 4F, 1B, EC, 6A, 02, 8F, 5C, B5, A6, 96, 4D, BB, 8E, 97, E8, 4C, 22, 72, 19, BF, 65, AC, 57, 2B, 76, 09, 11, 03, 72, EA, 96, B8, 7F, 51, 87, 20, 8C, 9D, 57, 24, 15, 16, 9B, BD, AD, DF, 5B, 9E, 20, 03, 38, 22, 7D, D1, 5F, B4, 2E, E7, 4E, 67, 0D, BB, F4, CF, 44, 48, 34, C5, 7C, 7A, F7, 6B, A7, 0B, 66, 89, 5F, AA, EF, 2A, E9, 7F, AA, 52, 5A, F9, D7, F9, 43, 13, 29, E5, CF, 93, 0F, 15, 7D, DA, 21, 94, 0D, FE, 4A, BC, 6A, B0, B3, 2A, 1D, D2, 69, 41, D7, 31, 19, 1F, C9, 8D, 30, C2...
 
[+]

The file b2.exe has been seen being distributed by the following URL.

http://b2-31d2.kxcdn.com/B2.exe

Scan b2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.