» boomzruler.exe
Overview
Analysis
File Details
Downloads (39)

boomzruler.exe

ipis Ruller for Boomz

ipis

This is a setup program which is used to install the application. The file has been seen being downloaded from download637.mediafire.com and multiple other hosts.

File name:

boomzruler.exe

Publisher:

ipis

Product:

ipis Ruller for Boomz

Description:

Boomz Ruller

Version:

1.0.0.1

MD5:

796f7bbee5f17e764d4099b112965bb2

SHA-1:

6817e09fe52891ab7d2bd8767fce1334978902c3

SHA-256:

31255a7d1179f2c15988305202439e65524fbaff1aecef331b1ddba1d0e22a96

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/5/2024 10:32:29 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Adware.InstallCore.53

9.0.1.0226

Rising Antivirus

PE:Malware.Webalta!6.BD2

23.00.65.14812

File size:

524 KB (536,576 bytes)

Product version:

1.0.0.0

ipis

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:MZSJZQdzHW9DKkfACZBW4WcEF/KEI1ixzf+FsJVq5kAzST:Mgg2ZDfLZBW4o9neixzf2k

Entry address:

0x6C68C

Entry point:

55, 8B, EC, 83, C4, F0, B8, EC, C4, 46, 00, E8, 74, 9F, F9, FF, A1, 7C, E8, 46, 00, 8B, 00, E8, 94, 8E, FE, FF, 8B, 0D, C8, E7, 46, 00, A1, 7C, E8, 46, 00, 8B, 00, 8B, 15, F0, BB, 46, 00, E8, 94, 8E, FE, FF, 8B, 0D, 5C, E9, 46, 00, A1, 7C, E8, 46, 00, 8B, 00, 8B, 15, F4, B9, 46, 00, E8, 7C, 8E, FE, FF, A1, 7C, E8, 46, 00, 8B, 00, E8, F0, 8E, FE, FF, E8, 6F, 7A, F9, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

430 KB (440,320 bytes)

The file boomzruler.exe has been seen being distributed by the following 39 URLs.

http://download637.mediafire.com/od6o9lntp1gg/.../Regua by Willian.exe

http://download1159.mediafire.com/524054tzvvlg/.../boomzruler (1).exe

http://download733.mediafire.com/d6zb6kd1eakg/.../boomzruler (1).exe

http://download733.mediafire.com/v7ocpvzc87fg/.../Regua by Willian.exe

http://download1345.mediafire.com/gif0gswqd8qg/.../Regua by Willian.exe

http://download1476.mediafire.com/54ypwzyd55wg/.../Regua by Willian.exe

http://dc145.4shared.com/download/.../boomzruler.exe

http://download1476.mediafire.com/f42ayg3ebapg/.../boomzruler (1).exe

http://dc269.4shared.com/download/.../boomzruler.exe

http://dc145.4shared.com/download/.../regua_ddtank.exe

http://download1345.mediafire.com/4s2iejtmk1qg/.../Regua by Willian.exe

http://download1345.mediafire.com/pdjrfpjptrzg/.../Regua by Willian.exe

http://download733.mediafire.com/571o8zry71ig/.../Regua by Willian.exe

http://download1345.mediafire.com/cf4e5a4cmslg/.../Regua by Willian.exe

http://download1345.mediafire.com/jtbskcmqo1wg/.../Regua by Willian.exe

http://download733.mediafire.com/bvw7njhoav4g/.../Regua by Willian.exe

http://download733.mediafire.com/qwov6356ojbg/.../boomzruler.exe

http://download733.mediafire.com/klsrkelcuf7g/.../Regua by Willian.exe

http://download733.mediafire.com/hofo1st23vyg/.../Regua by Willian.exe

https://www.dropbox.com/s/.../Regua.exe

http://download1838.mediafire.com/02dg5bja43xg/.../Regua by Willian.exe

http://download1345.mediafire.com/3yh3pt7fflpg/.../Regua by Willian.exe

http://download1476.mediafire.com/2d8dbsgccs0g/.../Regua by Willian.exe

http://download1476.mediafire.com/bon1h1u1zjeg/.../boomzruler (1).exe

http://download1476.mediafire.com/41fo9ryq50wg/.../Regua by Willian.exe

http://dc439.4shared.com/download/.../boomzruler__1_.exe

http://download23.mediafire.com/3zd3t9ctbqgg/.../boomzruler (1).exe

http://download1476.mediafire.com/8n6qbpyqyveg/.../Regua by Willian.exe

https://mg.mail.yahoo.com/.../download?m=YaDownload&mid=2_0_0_1_44980_ADDmjkQAABDVUjGw2QAAAFVzgZk&fid=Inbox&pid=2&clean=0&appid=YahooMailNeo&ymreqid=d99371f0-f54e-6f12-01fe-cd0015010000

http://download1159.mediafire.com/qoziv9uhalwg/.../boomzruler (1).exe

Latest 30 of 39 download URLs

Scan boomzruler.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.