home

crystal_mind_setup.exe

This is a setup and installation application. The file has been seen being downloaded from www.bdeurope.com.
MD5:
583e3fa54c0e754b93319616e7227f5e

SHA-1:
b10e6146b907079e35a8bbdf9ece855b4552abe2

SHA-256:
83a452e8e975370afc2d56f9dd25cf8c9af89bcd5b9ad982fc9969ca9285dc18

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/12/2025 10:32:18 PM UTC  (today)

File size:
4.9 MB (5,087,239 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
OS version:
158.6288

OS bitness:
Win64

Linker version:
7.0

CTPH (ssdeep):
98304:UMMMMyiwC9vn6PukDYIJr8ahYjN1StPL2pfLNKvzRgOU7/QRv0r:JiR9v2uk8IJYcU1S5L2FgbRgOqQ5K

Entry address:
0x14D0147

Entry point:
4D, 5A, E5, 00, 05, 00, 00, 00, 20, 00, 00, 00, FF, FF, 4B, 00, 80, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 01, 00, FB, 50, 6A, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 08, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9490  (probably packed)

Code size:
192 KB (196,615 bytes)

The file crystal_mind_setup.exe has been seen being distributed by the following URL.

https://www.bdeurope.com/.../crystal_mind_setup.exe

Scan crystal_mind_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.