b4.exe

Setup

Open Source

This is a self-extracting archive and installer. The file has been seen being downloaded from b4-31d2.kxcdn.com.
Publisher:
Open Source

Product:
Setup

Version:
1.2

MD5:
8bfe5c3331510989280796490806c70b

SHA-1:
b247ab6f89761de740d0c292c2e07f60216eb1fe

SHA-256:
98190b048ed16b834fde4bcf9baa2bb75cf970b9743039d4d8f317b6eff93bc1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:31:14 PM UTC  (today)

File size:
4.9 MB (5,129,381 bytes)

Product version:
1.2

Copyright:
2015 - Open Source

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\b4.exe

File PE Metadata
Compilation timestamp:
8/5/2015 2:47:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:Pfrc3J+LXSwLyOVzJ8HylJzotOfrzQBin3kU4M7BAuPMYy/cR9WvwCT:g38mwLyOHllYekU4M7BA2IcvWpT

Entry address:
0x3217

Entry point:
60, 0C, 6C, F6, C2, A8, C7, C1, 12, BA, 7E, 6A, 31, CD, 69, FD, F0, 51, D3, A8, 85, C6, 0F, BE, EF, 89, C6, 87, C9, F3, 12, C5, 33, D7, 81, FF, 14, 95, 00, 00, 71, 07, 8B, F2, B7, A9, F6, C5, 7F, F2, 0F, AF, C8, B9, 00, 00, 00, 00, 89, C6, 88, EC, 33, D2, C6, C7, E4, 8D, 1D, FA, 3D, 94, C8, 69, E9, 00, CE, 26, 37, 81, C1, E4, 04, 00, 00, 43, 85, F3, 0F, BF, DA, 81, E9, E3, 04, 00, 00, 76, 06, 8D, 35, 7F, F5, 31, 8A, 86, DB, 28, F0, 2C, 9E, 81, FA, 4C, C8, 00, 00, 76, 09, F2, 69, DF, B3, 21, 7C, 91, 84, D7...
 
[+]

Code size:
23.5 KB (24,064 bytes)

The file b4.exe has been seen being distributed by the following URL.

Scan b4.exe - Powered by Reason Core Security