» bf4.exe
Overview
Analysis
File Details
Downloads (29)

bf4.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from fileshare1140.dfiles.eu and multiple other hosts.

File name:

bf4.exe

MD5:

414ca546860ecdd541284f21d60e4c5c

SHA-1:

a7b495a713fcd92c194cfd20e5d94dd3d9f04bf4

SHA-256:

95afcfa9beb7a4184fb4532552a2b53a4a57c0d884d857944252792145baa4b6

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/26/2024 2:33:12 PM UTC (today)

File size:

52.2 MB (54,684,385 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\bf4.exe

File PE Metadata

Compilation timestamp:

12/1/2013 9:08:28 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

98304:BcZ8beKc95OLIc8IXi8Hb5sJRhGFY1b+RSlocBNkuJhg38ckP6ANhkFnFBADADkF:JbO5iry898RhGKCRyoczRTJcBssqtYy3

Entry address:

0x108AF

Entry point:

E8, 9C, 58, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B... 
[+]

Code size:

98 KB (100,352 bytes)

The file bf4.exe has been seen being distributed by the following 29 URLs.

http://fileshare1140.dfiles.eu/auth-1485351616d931f29b754d56882400e0-2.227.192.255-96647852-163793237-guest/.../BF4.exe

http://fileshare1140.dfiles.eu/auth-1486409223550c30f62e951e4165c5d1-89.228.238.185-105890037-163793237-guest/.../BF4.exe

http://fileshare1140.dfiles.eu/auth-1486937309ef5511b74eda95bed35c2a-109.93.192.4-110514609-163793237-guest/.../BF4.exe

http://fileshare1140.dfiles.eu/auth-14838137204f078676de86686ff07424-83.205.106.244-83584822-163793237-guest/.../BF4.exe

http://fileshare1140.depositfiles.com/auth-14785414719475d6d2aeaed90ed1ab92-188.143.21.70-32847056-163793237-guest/.../BF4.exe

http://fileshare1140.depositfiles.com/auth-1478368686ed083c20b93314f3b1dde7-108.211.201.64-31097106-163793237-guest/.../BF4.exe

http://fileshare1140.dfiles.eu/auth-147855546127d492fea6eb6f615229d4-213.233.88.122-33008964-163793237-guest/.../BF4.exe

http://fileshare1060.dfiles.eu/auth-1475944263451886fc9569768283bf72-92.240.170.71-6207010-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-1467674219bf260c6fe061a6222e0126-156.208.99.216-2612563839-163793237-guest/.../BF4.exe

http://fileshare1140.dfiles.eu/auth-1480502607e5209b293905e224d44b53-83.21.238.3-52173637-163793237-guest/.../BF4.exe

http://fileshare1060.dfiles.eu/auth-14758770917687272f2f5b0760cbc3cd-94.27.172.225-5469443-163793237-guest/.../BF4.exe

http://fileshare1140.dfiles.eu/auth-1481142425015ba3b8d478fec7a4f601-95.236.216.144-58530611-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-1474122670782f0a498c75b0f05cc0bd-98.27.156.109-2684411476-163793237-guest/.../BF4.exe

http://fileshare1140.dfiles.eu/auth-1478292161b085b150bd637c4ee7c7d9-185.115.9.237-30305158-163793237-guest/.../BF4.exe

http://fileshare1140.depositfiles.com/auth-1478282022c6fc25b3a08459be14582b-49.158.65.247-30176278-163793237-guest/.../BF4.exe

http://fileshare1140.depositfiles.com/auth-14807090403bae0529e466771601ab88-156.199.34.183-54155258-163793237-guest/.../BF4.exe

http://fileshare1140.depositfiles.com/auth-14772282016cc2d64a3ae705b2e07226-189.112.29.79-19043738-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-1473091000649788c8e0b087ac1b4537-89.123.87.119-2672651752-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-1466448116cc6b114bd8fbba974051f3-5.107.69.192-2599531987-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-14709259075d7eadd0673a3ab7cd635a-89.111.241.1-2646955632-163793237-guest/.../BF4.exe

http://fileshare1060.dfiles.eu/auth-14673745273e49b126d60194647339c4-164.127.131.247-2609476151-163793237-guest/.../BF4.exe

http://fileshare1060.dfiles.eu/auth-14648796157b6be4db736e2a52d801c0-188.146.130.148-2581793589-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-146680896055775a73fc0c020b1e0911-190.213.129.240-2603449494-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-14631344443af2023d97a9feb7f970a7-213.8.204.34-2561660649-163793237-guest/.../BF4.exe

http://fileshare1060.dfiles.eu/auth-146349777393ce1a44afab2315085d39-85.94.123.253-2566036441-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-1462164570d6dd9a0a3d324f3274d210-175.143.20.13-2550628902-163793237-guest/.../BF4.exe

http://fileshare1060.dfiles.eu/auth-1459089172154a0bebc75a73811ba227-195.191.163.73-2513084993-163793237-guest/.../BF4.exe

http://fileshare1060.depositfiles.com/auth-1459293595a08a0124da63ff37e6e406-50.65.76.81-2515742435-163793237-guest/.../BF4.exe

http://fileshare1060.dfiles.eu/auth-1452331872688c7595be5f341106f17d-31.34.67.39-2425606368-163793237-guest/.../BF4.exe

Scan bf4.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.