» cf65_green.exe
Overview
Analysis
File Details
Downloads (1)

cf65_green.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download1366.mediafire.com.

File name:

cf65_green.exe

MD5:

9b138346c585aec627ab37fa691ce356

SHA-1:

f12d58ec07782682d786290e4f27ae9b19845c25

SHA-256:

cae00354f0056f11c60ca73541d40d363f7066289a04f889dbf5748fa5c3ef67

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/2/2024 5:29:31 PM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Win.Trojan.Agent-442924

0.98/21511

File size:

1.6 MB (1,689,600 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\reloj\cf65_green.exe

File PE Metadata

Compilation timestamp:

10/13/2007 3:57:20 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

49152:t3GLi7nrWiixUqIECTraIij4/697sZt88uTS:t3Hzyvx2Pa6c70t8dS

Entry address:

0x69F0

Entry point:

E8, 3E, 6E, 00, 00, E9, 16, FE, FF, FF, 6A, 0C, 68, 58, 73, 41, 00, E8, 2E, 0F, 00, 00, 8B, 4D, 08, 33, FF, 3B, CF, 76, 2E, 6A, E0, 58, 33, D2, F7, F1, 3B, 45, 0C, 1B, C0, 40, 75, 1F, E8, 6F, 01, 00, 00, C7, 00, 0C, 00, 00, 00, 57, 57, 57, 57, 57, E8, 5B, 1A, 00, 00, 83, C4, 14, 33, C0, E9, D5, 00, 00, 00, 0F, AF, 4D, 0C, 8B, F1, 89, 75, 08, 3B, F7, 75, 03, 33, F6, 46, 33, DB, 89, 5D, E4, 83, FE, E0, 77, 69, 83, 3D, 14, D9, 41, 00, 03, 75, 4B, 83, C6, 0F, 83, E6, F0, 89, 75, 0C, 8B, 45, 08, 3B, 05, 04, D9... 
[+]

Entropy:

7.9607 (probably packed)

Code size:

76.5 KB (78,336 bytes)

The file cf65_green.exe has been seen being distributed by the following URL.

http://download1366.mediafire.com/d68zwn4zewkg/.../CF65_green.exe

Scan cf65_green.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.