cliente avon formulário 2016.exe

The executable cliente avon formulário 2016.exe has been detected as malware by 2 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from goo.gl.
MD5:
ef3a7237f90332f3d071b7a50b14c1de

SHA-1:
5e79cbe705f5b9691e955952ee917fc754d47379

SHA-256:
b7c380f853489680a038fb56f1d8c99b4f3d347603128b8e8a169fe032a708f3

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
12/24/2024 1:23:58 AM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/TrojanDownloader.Agent.COY trojan | 6.3
F-Secure | Trojan.Agent.BXEV | 5.15.96

File size:
315.7 KB (323,260 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cliente avon formulário 2016.exe

File PE Metadata
Compilation timestamp:
8/3/2016 5:21:17 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:lmnDbRquKTCjaV6Ywsm6y3e7dHPBjKtSN4so+p4YlR0PuXZ+p8W:l86TCGAv/6y3+PBWtIdoo4aeP2W

Entry address:
0x8DE0

Entry point:
8B, FF, 55, 8B, EC, E8, 96, AD, 00, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, 70, B6, 42, 00, 68, B0, C4, 40, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 94, 53, 56, 57, A1, A0, E5, 42, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, 18, 31, 42, 00, C7, 45, FC, FE, FF, FF, FF, EB, 26, B8, 01, 00, 00, 00, C3, 8B, 65, E8, C7...
 

Code size:
135.5 KB (138,752 bytes)

The file cliente avon formulário 2016.exe has been seen being distributed by the following URL.

Remove cliente avon formulário 2016.exe - Powered by Reason Core Security