components_app.exe

FDFDTTRT

The executable components_app.exe has been detected as malware by 23 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from ssl2632.websiteseguro.com and multiple other hosts.
Product:
FDFDTTRT

Description:
EERERERE

Version:
1.0.0.0

MD5:
1fee2d53b40986078b1d7e1e50086dc7

SHA-1:
0f1c7f83419a453b39783d6a9aebec95e24b89cc

SHA-256:
2b5b1d41b5ef500d8796c374edf99ecbd545fbc8eca50ca43a56fce51750af5f

Scanner detections:
23 / 68

Status:
Malware

Analysis date:
12/27/2024 11:01:51 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.DL.Banload
7.1.1

Arcabit
Trojan.Kazy.D8757D
1.0.0.582

avast!
Win32:Dropper-gen [Drp]
2014.9-160214

AVG
Downloader.Banload2
2017.0.2834

Baidu Antivirus
Trojan.MSIL.Banload
4.0.3.16214

Bitdefender
Gen:Variant.Kazy.554365
1.0.20.225

Comodo Security
UnclassifiedMalware
23429

Emsisoft Anti-Malware
Gen:Variant.Kazy.554365
8.16.02.14.12

ESET NOD32
MSIL/TrojanDownloader.Banload.BW (variant)
10.12421

Fortinet FortiGate
MSIL/Banload.BW!tr.dldr
2/14/2016

F-Secure
Gen:Variant.Kazy.554365
11.2016-14-02_1

G Data
Gen:Variant.Kazy.554365
16.2.25

IKARUS anti.virus
Trojan-Downloader.MSIL.Banload
t3scan.1.9.5.0

K7 AntiVirus
Trojan-Downloader
13.211.17567

McAfee
Artemis!1FEE2D53B409
5600.6490

Microsoft Security Essentials
TrojanDownloader:MSIL/Banload
1.1.12101.0

MicroWorld eScan
Gen:Variant.Kazy.554365
17.0.0.135

NANO AntiVirus
Trojan.Win32.Agent.dosool
0.30.26.3947

Panda Antivirus
Trj/Chgt.O
16.02.14.12

Quick Heal
TrojanDownloader.Banload.r3
2.16.14.00

Sophos
Mal/Generic-S
4.98

VIPRE Antivirus
Trojan.Win32.Generic
44602

ViRobot
Trojan.Win32.A.Downloader.42496.NP[h]
2014.3.20.0

File size:
41.5 KB (42,496 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
SBL84337436373.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\components_app.exe

File PE Metadata
Compilation timestamp:
2/9/2015 12:20:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:vEGNzPw6Qz6LXfqxZlJdI+p14cD1u6qKYdaBpuFF8tZ:vE16Qz6jfIlScD1uYYdaBpuwz

Entry address:
0xBBEE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 68, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
39 KB (39,936 bytes)

The file components_app.exe has been seen being distributed by the following 2 URLs.

Remove components_app.exe - Powered by Reason Core Security