home

build4.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 4pda.ru.
MD5:
2f631777b8c45aa80e2fb6ff35b6aa78

SHA-1:
7d61f3f113d75c72063a67553fe09511cc9b8cb6

SHA-256:
feccb5cbd151f11399d7f8ce598fed8d73f5d219cb1e65479e59f31f21206be9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:22:16 AM UTC  (today)

File size:
14.1 MB (14,762,560 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\build4.exe

File PE Metadata
Compilation timestamp:
7/28/2012 3:35:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:7PD7QSvEP7FlZNKumOQpYEyKrYFlclf3CB+Qpw1hPDqD:TXQSKvQtDlatuPeD

Entry address:
0x1E7070

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 54, 4E, 5E, 00, E8, 67, 02, E2, FF, 8B, 1D, 00, 03, 5F, 00, 8B, 03, E8, CE, C3, EA, FF, 8B, 03, 33, D2, E8, 69, E2, EA, FF, 8B, 03, C6, 40, 5B, 00, 8B, 0D, 08, 04, 5F, 00, 8B, 03, 8B, 15, E4, 1B, 5C, 00, E8, C4, C3, EA, FF, 8B, 0D, B8, 03, 5F, 00, 8B, 03, 8B, 15, 1C, 2F, 5E, 00, E8, B1, C3, EA, FF, 8B, 0D, 58, 03, 5F, 00, 8B, 03, 8B, 15, 68, 79, 5C, 00, E8, 9E, C3, EA, FF, 8B, 0D, B4, 05, 5F, 00, 8B, 03, 8B, 15, 14, E2, 5B, 00, E8, 8B, C3, EA, FF, 8B, 0D, 3C, 03, 5F, 00, 8B...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.9 MB (1,988,608 bytes)

The file build4.exe has been seen being distributed by the following URL.

http://4pda.ru/.../index.php?act=attach&id=6946016&dlsess=22fc648b5dd5a4bb738e6e099b5a063e

Scan build4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.