home

copy of yaatra - shreenija travels.exe

Yaatra

Spidermoves Infotech Pvt. Ltd.

Publisher:
Spidermoves Infotech Pvt. Ltd.

Product:
Yaatra

Version:
1.00.0001

MD5:
b4bda5490cefae30308f929107483a66

SHA-1:
7b9e2bff5e148d4457f50e77d9f566533d94ef73

SHA-256:
3d68601358411db51b01d1cdfe4605c58ae020040bd511ebd0c0e646738d018d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:52:57 PM UTC  (today)

File size:
30.5 MB (31,997,952 bytes)

Product version:
1.00.0001

Original file name:
Yaatra - Shreenija Travels.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\copy of yaatra - shreenija travels.exe

File PE Metadata
Compilation timestamp:
7/15/2015 1:59:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:Nop1rUl29uMM3OSXbVhi9lBFie5obQOlCGlLEFopOMIkfJ2/o0p+TsMi4ylqxdNo:Nop1rUl29uMM3OSXbVhi9lBFie5obQOC

Entry address:
0x2E1EC

Entry point:
68, 58, 4D, 47, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, C3, 7A, 85, 7B, 28, 40, 02, 4D, B9, 7D, 60, 9B, 16, DE, BE, BE, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, FF, FF, 59, 61, 61, 74, 72, 61, 00, 01, 43, 3A, 5C, 57, 49, 4E, 44, 4F, 57, 53, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 59, 41, 41, 54, 52, 41, 20, 54, 52, 41, 56, 45, 4C, 53, 5C, 59, 41, 41, 54, 52, 41, 48, 45, 4C, 50, 00, 00, 00, 00, FF, CC, 31, 00, 03, D2, 32, 93, AB, 0C, 9E, 17...
 
[+]

Entropy:
5.8352

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
30.5 MB (31,985,664 bytes)

The file copy of yaatra - shreenija travels.exe has been seen being distributed by the following URL.

https://doc-0c-50-docs.googleusercontent.com/docs/securesc/01f2fuce34gr0fbcdv7lv0j6la802ahg/tbkr0t73i72smdnehub9rj32rl33s0o6/1453528800000/.../16716672935840462392/0B3BJX9RTGsDGY003bUZqMVpNb28?e=download

Scan copy of yaatra - shreenija travels.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.