cactus 2.7 2013.exe

The application cactus 2.7 2013.exe has been detected as a potentially unwanted program by 32 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download940.mediafire.com and multiple other hosts.
MD5:
82694c2fc4308b8ece20dc6f7d3d0b43

SHA-1:
6fb096243317d4fc44fd12483ea1bba4b476b6bb

SHA-256:
0c057e26097ef59b92c54744b135a17134b0fc78a62c69e11daae392f80ce2e5

Scanner detections:
32 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 6:02:54 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Jaik.761
823

Agnitum Outpost
Trojan.DR.VB
7.1.1

Avira AntiVirus
TR/Dropper.Gen
7.11.177.254

avast!
Win32:Bifrose-FIC [PUP]
2014.9-141103

AVG
VBCrypt
2015.0.3301

Baidu Antivirus
Trojan.Win32.Dropper
4.0.3.14113

Bitdefender
Gen:Variant.Jaik.761
1.0.20.1535

Clam AntiVirus
Trojan.Banload-1361
0.98/21411

Comodo Security
Backdoor.Win32.Agent.CEP13
19793

Dr.Web
Trojan.MulDrop.7451
9.0.1.0307

Emsisoft Anti-Malware
Gen:Variant.Jaik.761
8.14.11.03.09

ESET NOD32
Win32/TrojanDropper.VB.OOQ (variant)
8.10557

Fortinet FortiGate
W32/Agent.C!tr
11/3/2014

F-Secure
Gen:Variant.Jaik.761
11.2014-03-11_2

G Data
Gen:Variant.Jaik.761
14.11.24

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.7.8.0

K7 AntiVirus
Trojan
13.183.13662

Kaspersky
Trojan-Dropper.Win32.VB
14.0.0.3000

McAfee
Artemis!82694C2FC430
5600.6957

MicroWorld eScan
Gen:Variant.Jaik.761
15.0.0.921

NANO AntiVirus
Trojan.Win32.Bifrose.ixsc
0.28.2.62671

Norman
Troj_Generic.SGPZE
11.20141103

Panda Antivirus
Trj/CI.A
14.11.03.09

Qihoo 360 Security
Win32/Trojan.Dropper.680
1.0.0.1015

Quick Heal
Backdoor.Bifrose.EF3
11.14.14.00

Rising Antivirus
PE:Backdoor.Win32.Bifrose.de!1074942026
23.00.65.141101

Sophos
Troj/KillAV-FG
4.98

Trend Micro House Call
BKDR_BFRS1.TOMA
7.2.307

Trend Micro
BKDR_BFRS1.TOMA
10.465.03

Vba32 AntiVirus
TrojanDropper.VB
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
33896

ViRobot
Dropper.A.VB.189295
2011.4.7.4223

File size:
184.9 KB (189,295 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cactus 2.7 2013.exe

File PE Metadata
Compilation timestamp:
12/17/2010 2:14:19 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:cPRuJo0o/OooObMZa908ltpCAzUdLHbb/Aly+LhVf+X+QsoddfCFn/tufBSTpCVl:cPRuC9OooOZ5ltpCfJH/kyOzW+QsodxH

Entry address:
0x98E9

Entry point:
E8, 1E, FF, FF, FF, 33, C0, 50, 50, 50, 50, E8, AD, 2B, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, BB, 99, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 1C, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 1C, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, 4F, 9E, FF, FF, C3, 55, 8B, EC, 83, EC, 1C, 56, 33, F6, 56, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 18, E2, 40, 00, 85, C0, 74, 21, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 1C, E2, 40, 00, 8D, 45, E4...
 
[+]

Code size:
50.5 KB (51,712 bytes)

The file cactus 2.7 2013.exe has been seen being distributed by the following 4 URLs.

Remove cactus 2.7 2013.exe - Powered by Reason Core Security