bhop script.exe

The executable bhop script.exe has been detected as malware by 4 anti-virus scanners. The file has been seen being downloaded from fs12n1.sendspace.com.
MD5:
24e7eec910025ab70c4d4b5700c8486b

SHA-1:
fd41c285f24d8e47839fc25cb64cfd51ecc284f5

SHA-256:
9bd30f572aa863a264589779e6b77bae51e11622e2cb9219b4320be00dd024c8

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
12/27/2024 5:13:51 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
160216-0

Dr.Web
Trojan.DownLoader19.34409
9.0.1.05190

ESET NOD32
MSIL/Agent.ABP trojan
8.0.319.0

Microsoft Security Essentials
Threat.Undefined
1.215.2718.0

File size:
317 KB (324,608 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\bhop script.exe

File PE Metadata
Compilation timestamp:
2/22/2016 8:47:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:UlH4PLzDhBflZnmv+ImLbR9JWJWMJYJdzFMwvFSHHU37:AYPLzDHCmHRvEhYvZM6

Entry address:
0x50CAE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.0340

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
315.5 KB (323,072 bytes)

The file bhop script.exe has been seen being distributed by the following URL.

Remove bhop script.exe - Powered by Reason Core Security