» como+llamar+a+un+celular+en+cuba+desde+chile.exe
Overview
Analysis
File Details
Downloads (1)

como+llamar+a+un+celular+en+cuba+desde+chile.exe

The application como+llamar+a+un+celular+en+cuba+desde+chile.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from bookbook.in.

File name:

MD5:

ed6a48eead80a6e86b45ea53270a22ad

SHA-1:

fc1167d0d4823bd52b7a47918065d1efe67b838f

SHA-256:

89d7b999da83d02dd47ee40b738c284d8dcceb48ff67d99c74bc5195d6780d0f

Scanner detections:

5 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 12:35:11 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Agent-AYLT [PUP]

160518-2

AVG

Adware Generic_r.VD

2015.0.4604

Emsisoft Anti-Malware

Gen:Variant.Adware.MPlug.16

11.5.0.6191

ESET NOD32

Win32/AdWare.MultiPlug.CT application

8.0.319.0

Microsoft Security Essentials

Threat.Undefined

1.225.1925.0

File size:

874.5 KB (895,488 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\como+llamar+a+un+celular+en+cuba+desde+chile.exe

File PE Metadata

Compilation timestamp:

6/4/2013 3:26:58 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:AXIUB+AOxqGSQxxoyAFaolaFl3gb/7++hyITQ4zbf6J0maM3LpdoxzG+Fbs6YO17:S+OGS8xI8dgDV0oDeJNajxaKwUkpPCY2

Entry address:

0x3E0B6

Entry point:

E8, 78, 48, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 10, C5, 44, 00, E8, E4, 0F, 00, 00, E8, 45, 4A, 00, 00, 0F, B7, F0, 6A, 02, E8, 0B, 48, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, D6, 08, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Code size:

280.5 KB (287,232 bytes)

The file como+llamar+a+un+celular+en+cuba+desde+chile.exe has been seen being distributed by the following URL.

http://bookbook.in/780e5b77cdfcc6f9eca8d6d53f43af49/roro/dl.php?id=1414991725540095039&r=http://newdata.in/v3815/lp/?q=IsDKedgd0tIuF56789MfLfgXqB/qnxYlBMwJcZymZs149Esfjqs1hqrTpW1ZOapBU182e92KeUzWRwsF08XtUKXlv0TsJzMbhugX8ZB0BDS8te/MDnUqDxeBVTFZMJ4Mis/7B9QtwFUr9QY DkCnX9xZtNeQWqpW1ow/c/vSsWEU8VaTAkHNkyT0NvCSee4MjINpa7aIx/TEdflWLRj7pDX1Z2xb8bNTjalETCNxSy8y3mntU59F4skp4Acm514Be3NmPkaSebAHw /MFt36U3m0r/IkOtg1y803iwvjFdtzGBAKKW8 cdgBzyFEpYzpMiazqyUkfA9XfuyY/.../5CV7jAzjXB9X5es0wEaVHegOpGCYXLuRqV8812 J&__rnd=f7dc095fa6d1b6b89e923ba97b216619

Remove como+llamar+a+un+celular+en+cuba+desde+chile.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.