home

beat hazard.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s10068.chomikuj.pl.
MD5:
0d7087266fbd75bc8e0620711c3f9ecf

SHA-1:
6ce50daec57ac6455879dec30ff1019767f25fd0

SHA-256:
efb68e9b0a1d146be6c3ca2dde8f977f6865a6eaf01b53b995f71324934a789e

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/16/2024 4:50:31 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/FRBR
7.1.1

AhnLab V3 Security
Trojan/Win32.HDC
2015.05.02

F-Prot
W32/Heuristic-210
v6.4.7.1.166

Norman
Packed_spybot_gen6.A
11.20160102

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.151231

VIPRE Antivirus
Packed.Win32.Krunchy
39874

File size:
31.8 MB (33,352,091 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\beat hazard.exe

File PE Metadata
Compilation timestamp:
5/22/2007 6:59:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
786432:H6Tfb8TeSfEhL0BB7+2rfBwlY4WCFEuf0Ii0zrycRxIG:aTK8ed+2rpLkScTIG

Entry address:
0xE792

Entry point:
BD, 08, 02, 3E, 00, C7, 45, 00, 2C, 01, 3D, 00, FF, 4D, 08, C6, 45, 0C, 05, 8D, 7D, 14, 31, C0, B4, 04, 89, C1, F3, AB, BF, EC, E1, 3E, 00, 57, BE, 83, E8, 3D, 00, 31, C9, 41, FF, 4D, 0C, 8D, 9C, 8D, A0, 00, 00, 00, FF, D6, 10, C9, 73, F3, FF, 45, 0C, 91, AA, 83, C9, FF, 8D, 5C, 8D, 18, FF, D6, 74, DD, E3, 17, 8D, 5D, 1C, FF, D6, 74, 10, 8D, 9D, A0, 08, 00, 00, E8, EC, 00, 00, 00, 8B, 45, 10, EB, 42, 8D, 9D, A0, 04, 00, 00, E8, DC, 00, 00, 00, 49, 49, 78, 40, 8D, 5D, 20, 74, 03, 83, C3, 40, 31, D2, 42, E8...
 
[+]

Packer / compiler:
kkrunchy

Code size:
80 KB (81,920 bytes)

The file beat hazard.exe has been seen being distributed by the following URL.

http://s10068.chomikuj.pl/File.aspx?e=cTqGBlmpMRKnp51TXUHUZI3WDXck-FeFEcs8Z_bPIRMkFSO5yZPCFhlTLtjkDjH6qRYLD6XYGjMfiZe9ncbsZosh1pGpAqoAxv5RPDe3EsRlVwn0PaIwRS1_oo0W3kUUDj05TCwtjD5kyz2XPS98Gg&pv=2

Scan beat hazard.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.