» cantennator.exe
Overview
Analysis
File Details
Downloads (1)

cantennator.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dc343.4shared.com.

File name:

cantennator.exe

MD5:

d99752f2a08de862d2f2aa5fd7ef79da

SHA-1:

fef070d2155c4a02a6cc216cb8decc37d27d1076

SHA-256:

21aa455308556ce13af8a94c049c347d153bbc40e4e31515715b9c5a1d934d70

Scanner detections:

7 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/27/2024 7:30:20 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

PCK/ExeCryptor

7.11.8.107

Clam AntiVirus

PUA.Packed.EXECryptor

0.98/18011

Comodo Security

UnclassifiedMalware

8808

Norman

W32/Suspicious_Gen2.GRGSP

11.20140410

Quick Heal

(Suspicious) - DNAScan

4.14.11.00

Trend Micro House Call

PAK_Generic.009

7.2.100

Trend Micro

PAK_Generic.009

10.465.10

File size:

468 KB (479,232 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\cantennator\cantennator.exe

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:/lbMlSO54SqB47Pz8g+w9wyVBDyKPGNPRmL5P2vkaJ7ucJn:/l4SnSyYPziwVkRmVukEuct

Entry address:

0x168850

Entry point:

E8, F7, FE, FF, FF, 05, 2D, 76, 00, 00, FF, E0, E8, EB, FE, FF, FF, 05, 75, 75, 00, 00, FF, E0, E8, 04, 00, 00, 00, FF, FF, FF, FF, 5E, C3, 00, 5B, DA, D0, 32, F4, FD, 90, 9E, 9C, EB, 00, F2, 28, 80, F5, D9, 99, 81, A3, D0, 03, CB, CC, 47, 0E, E7, 5C, D8, 45, BB, CC, A5, B7, 4A, 1A, F7, 66, 84, 0C, 0D, B8, 61, 33, 25, FB, C8, AE, BF, FE, 2C, 52, 24, EC, 2E, 03, 5A, A6, 5C, 3F, B4, 27, A4, 4C, D9, 42, 17, AE, 64, 21, 14, 97, 7E, 34, 6F, 01, 71, BA, DF, 32, 70, 03, 9E, 1F, EA, 07, FC, 68, 7B, 93, 2D, E4, A4... 
[+]

Entropy:

7.9889

Packer / compiler:

EXECryptor 2.2.4

Code size:

454.5 KB (465,408 bytes)

The file cantennator.exe has been seen being distributed by the following URL.

http://dc343.4shared.com/download/.../cantennator.exe

Scan cantennator.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.