crack.exe

The application crack.exe has been detected as a potentially unwanted program by 30 anti-malware scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from s10394.chomikuj.pl.
MD5:
007b0dd3ca1fa5f2f6f0cddfbeb76b26

SHA-1:
91e940e2756024fe81f75ee5e35e3aa7fb169f9c

SHA-256:
1a3215a4f46c2455ee7d5cd99c30a95e9026610ed6df79671dfd7277ae12bee0

Scanner detections:
30 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 6:59:20 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.HackTool
7.1.1

AhnLab V3 Security
Unwanted/Win32.HackTool
2013.11.06

Avira AntiVirus
TR/Patched.Ren.Gen
7.11.111.6

AVG
Downloader.Generic2
2017.0.2809

Baidu Antivirus
HackTool.Win32.Patcher
4.0.3.16310

Bitdefender
Trojan.Generic.7837721
1.0.20.350

Bkav FE
W32.Clodd35.Trojan
1.3.0.4261

Comodo Security
Packed.Win32.MFSG.Gen
17221

Emsisoft Anti-Malware
Trojan.Generic.7837721
8.16.03.10.12

ESET NOD32
Win32/HackTool.Patcher (variant)
10.9010

Fortinet FortiGate
W32/Downloader.A!tr
3/10/2016

F-Prot
W32/Heuristic-210
v6.4.7.1.166

G Data
Trojan.Generic.7837721
16.3.22

IKARUS anti.virus
Trojan.Horse.Downloader2.XQU
t3scan.2.0.127

K7 AntiVirus
Riskware
13.173.10101

Malwarebytes
Trojan.Downloader
v2016.03.10.12

McAfee
Downloader.gen.a
5600.6465

MicroWorld eScan
Trojan.Generic.7837721
17.0.0.210

NANO AntiVirus
Trojan.Win32.FSPM.cjjco
0.26.0.55974

Norman
Suspicious_F.E
11.20160310

nProtect
Trojan/W32.HackTool.68404
13.11.05.02

Panda Antivirus
Trj/CI.A
16.03.10.12

Quick Heal
(Suspicious) - DNAScan
3.16.12.00

Rising Antivirus
Trojan.DL.Win32.GEN.a
23.00.65.16308

Sophos
Mal/KeyGen-M
4.94

SUPERAntiSpyware
Trojan.Agent/Gen-HackTool
9275

Total Defense
Win32/Donloz.GR
37.0.10498

Trend Micro House Call
TROJ_DLOADER.OZ
7.2.70

Trend Micro
TROJ_DLOADER.OZ
10.465.10

VIPRE Antivirus
Trojan.Win32.Generic
23084

File size:
66.8 KB (68,404 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\crack.exe

File PE Metadata
Compilation timestamp:
9/11/1987 3:35:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

CTPH (ssdeep):
1536:ERxuWPrYNokB085U6sWHdJ6dTIkzCiSlvGTkFKwus8MSGYA64lLiJI1:EXvYRPW6sWHaxXSQrwuWCyGc

Entry address:
0x154

Entry point:
4D, 5A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 45, 00, 00, 4C, 01, 02, 00, 46, 53, 47, 21, 00, 00, 00, 00, 00, 00, 00, 00, E0, 00, 0F, 01, 0B, 01, 00, 00, 00, 90, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 54, 01, 00, 00, 00, 10, 00, 00, 0C, 00, 00, 00, 00, 00, 41, 00, 00, 10, 00, 00, 00, 02, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 00, C0, 03, 00, 00, 02, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
36 KB (36,864 bytes)

The file crack.exe has been seen being distributed by the following URL.

Remove crack.exe - Powered by Reason Core Security