home

ComboFix.exe

ComboFix

Swearware

ComboFix is an application from sUBs that scans your computer for the most common and current malware, and when found, attempts to clean these infections. This is a self-extracting archive and installer. The file has been seen being downloaded from download.bleepingcomputer.com.
Publisher:
Swearware

Product:
ComboFix

Description:
ComboFix NSIS Installer

Version:
15.10.28.01

MD5:
9f52377fee1f3ed0b9fd15ce923ffaa2

SHA-1:
4dedd8f23bc6b8464a57c0c3f144806791b215e1

SHA-256:
0aea698ca8d55c0bbcacd117f67b5180ca1c69910c43ebdb94eb716df69b6332

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/22/2024 12:43:09 PM UTC  (today)

File size:
5.4 MB (5,712,113 bytes)

Copyright:
sUBs

Original file name:
ComboFix.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\combofix.exe

File PE Metadata
Compilation timestamp:
5/11/2014 10:03:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:GzrV7J/Rf3y3SoFdHnhSLAKZA/nRMfo2MPHA5c4UhuC3zyFKP+Cs8vEl5P:G17Jxy3xFdH0LJApoof/Sc4hOugP+CsT

Entry address:
0x314D0

Entry point:
B7, D7, 80, C1, E2, 1D, A4, 2C, 9C, 74, 85, F1, 76, 02, B6, F6, F6, C5, 70, 89, CF, 68, A0, 06, D9, 00, 68, C3, FC, E9, 00, C7, C1, 4B, 9D, 0F, 36, 32, DE, 47, E8, 00, 00, 00, 00, C7, C0, 84, C8, 6A, 84, 0F, BE, F8, 84, D2, BB, 44, A1, 17, 25, B5, 94, B8, 12, D5, 00, FF, 69, F1, 40, 4B, D6, F1, F2, 2B, D7, 85, EA, 73, 06, F3, F6, C6, 1A, B4, 11, 5A, 29, F5, 87, F6, F2, F3, F7, C1, D7, FA, F7, 04, 3D, 32, 3D, E6, D4, 85, C5, 0F, B6, F5, 80, E1, B6, 81, C8, CD, 02, A0, D8, 88, F3, C7, C5, 72, 7C, 03, AA, FE...
 
[+]

Code size:
20 KB (20,480 bytes)

The file ComboFix.exe has been seen being distributed by the following URL.

http://download.bleepingcomputer.com/dl/155696fc954ffc939a97394853f03e23/5638ea8c/windows/security/anti-virus/c/.../ComboFix.exe

Scan ComboFix.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.