home

b2.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from b2-31d2.kxcdn.com.
MD5:
a808fc23086cb3e9313d5244ec18d300

SHA-1:
0f31b09193123af5a736d1a528040e27797ef661

SHA-256:
9d486b8935caf92c211c6a0c113f8810afb5f7051004859713a9e00bb436f9c0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 6:58:11 AM UTC  (today)

File size:
7.4 KB (7,586 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\b2.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:zwcDnU1ev09e3eEIpPsyRBHvnFQgQ3XWHo0tMZZgp2:scDUlj/PZ7vnFQZ3XWI64

Entry point:
AE, E3, F9, CE, C7, E5, 62, 00, 0D, 97, 54, BA, 04, 1C, 2C, E1, 2C, DA, 41, 8A, 0C, 14, CF, C4, 4C, 33, 64, 57, 91, DF, 75, 71, 25, 15, F0, C6, 75, B7, 73, C8, 8E, 93, 1A, 4B, C1, 5F, F9, FD, 9E, 0F, 78, 5F, B4, E0, 7F, A7, BE, 53, 09, 30, 32, 65, C9, 85, A1, 0D, 9B, 1E, 13, D4, 70, F0, 09, F3, E4, 2B, CB, 54, 0A, 59, 64, BE, 65, F5, 62, 07, 98, C5, 53, 3E, 8E, 0B, 96, C1, 7E, 4F, 3C, 93, B6, 18, DC, CC, 75, E1, 53, 58, 3E, 84, 76, 6C, 16, 07, AA, DC, CD, 00, F4, EA, 50, 28, 86, DA, 8C, 22, 56, 91, CC, 15...
 
[+]

The file b2.exe has been seen being distributed by the following URL.

http://b2-31d2.kxcdn.com/B2.exe

Scan b2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.