bhop script.exe

The executable bhop script.exe has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fs08n3.sendspace.com and multiple other hosts.
MD5:
91360b32b680dbfb15f28276a3c1e245

SHA-1:
6af8d5e282d93b01a4e24ad48816ddc1e170de97

SHA-256:
6aaaecbccf690cf9332c68e891ec1c04aac27720409cb75b8a47b1f1aa4003db

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
12/28/2024 1:44:52 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
MSIL:Agent-BAO [Trj]
160327-1

Emsisoft Anti-Malware
Gen:Variant.MSILPerseus.3430
11.5.0.6191

ESET NOD32
MSIL/Agent.FV trojan
8.0.319.0

F-Secure
Variant.Barys.53586
5.15.96

McAfee
Trojan.Artemis!91360B32B680
18.0.204.0

Norman
Gen:Variant.Barys.53586
10.04.2016 15:29:17

File size:
453 KB (463,872 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\bhop script.exe

File PE Metadata
Compilation timestamp:
4/26/2016 5:37:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:KN1oQbfvb+YMXg8uB4zqSRvErYLmG2Kk:KZfztMP2MmOjA

Entry address:
0x72C8E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
451.5 KB (462,336 bytes)

The file bhop script.exe has been seen being distributed by the following 3 URLs.

https://fs08n3.sendspace.com/dl/48fd8de316f49893442361a645417be3/5762bd3d392f347e/.../Bhop Script.exe

https://fs08n2.sendspace.com/dl/32ab917ed82fdb02ba5abb44242f1be8/5735c1b0262bf9db/.../Bhop Script.exe

Remove bhop script.exe - Powered by Reason Core Security