home

cita11-05.exe

Project1

STAR* LABS

Publisher:
STAR* LABS

Product:
Project1

Version:
1.00

MD5:
8b3bcafaa464216b7eeebfbfd869e0d7

SHA-1:
b7b8a00b772fe99c5d010e77ba1e2849a2c40016

SHA-256:
9ac69101daee24a43f98f5895415abb1b4b5905020ad93c51254e51e2169e0fe

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/26/2024 11:46:41 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

F-Prot
W32/VBTrojan.17D1
4.6.5.141

File size:
20 KB (20,480 bytes)

Product version:
1.00

Original file name:
LINKNUEVO.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\cita11-05.exe

File PE Metadata
Compilation timestamp:
5/11/2016 6:00:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
96:/lxp0d9WxLn3Ch5exDdcf4k+niELpAucS8GGZLsyuNizlNujnzGEt2:/Ta3AnSrGtjpAucS8GGZAyuNkCGEt

Entry address:
0x11E4

Entry point:
68, 94, 13, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, BA, 6F, 64, 5C, A7, 09, FA, 4F, B3, 63, B2, F3, AA, 1F, 84, 35, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 90, FB, B1, 05, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, C1, 40, 00, 08, C1, 40, 00, 00, 00, 00, 00, FF, CC, 31, 00, 01, 7E, 3D, E7, E7, 40, E5, D0, 4A, 9A, D5, 35, 70, BB, 3E, 52, 10, 56, 93, 93, 5D, C6, 30, 79, 41, A6, 44, 83, F7, 22, 38, 0F, 11, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
2.5434

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
8 KB (8,192 bytes)

The file cita11-05.exe has been seen being distributed by the following URL.

http://allsoft.org.ua/wp-content/plugins/advanced-custom-fields/core/.../registro-cita.php

Scan cita11-05.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.