home

cute_ftp_modificado.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-0k-a4-docs.googleusercontent.com and multiple other hosts.
MD5:
8833dd9fe44fdb97a2c80c3ce1447044

SHA-1:
6691724305098b7255c505b876d4399a13013b6e

SHA-256:
83614940ac20b21da88cb7bf870b8d34fea6b4aeb91643a4fc5e0679ebec0740

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/17/2024 6:29:10 AM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
TrojWare.Win32.Buzus.~KLO
18918

NANO AntiVirus
Trojan.Win32.Agent.bxplzz
0.28.2.60881

VIPRE Antivirus
BehavesLike.Win32.Malware.bsw (vs)
31456

File size:
5.4 MB (5,628,100 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programas piratas\cómo crackear\cute_ftp_modificado.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:SL9H14eXKijXDypvnWNyPFeRKiSzV6FqwNQaZIF0VPNbknLEo9St579Jap5dZN69:S5HTaiXcvnWN0IMiSzV6Fqw+a4DW5LkY

Entry address:
0x61CD4

Entry point:
55, 8B, EC, 83, C4, EC, 53, 33, C0, 89, 45, EC, B8, 84, 1A, 46, 00, E8, 92, 41, FA, FF, 8B, 1D, 30, 6B, 46, 00, 33, C0, 55, 68, 7A, 1D, 46, 00, 64, FF, 30, 64, 89, 20, 8B, 03, E8, EF, 15, FF, FF, 8B, 03, BA, 90, 1D, 46, 00, E8, DB, 11, FF, FF, 8B, 0D, 60, 69, 46, 00, 8B, 03, 8B, 15, D0, 09, 46, 00, E8, E8, 15, FF, FF, 8B, 0D, 94, 6C, 46, 00, 8B, 03, 8B, 15, 18, 06, 46, 00, E8, D5, 15, FF, FF, 8B, 0D, FC, 69, 46, 00, 8B, 03, 8B, 15, 30, 04, 46, 00, E8, C2, 15, FF, FF, 8B, 03, C6, 40, 5B, 00, 8D, 55, EC, B8...
 
[+]

Entropy:
7.9622

Developed / compiled with:
Microsoft Visual C++

Code size:
387.5 KB (396,800 bytes)

The file cute_ftp_modificado.exe has been seen being distributed by the following 7 URLs.

https://doc-0k-a4-docs.googleusercontent.com/docs/securesc/mrhqeuvbhs72jknh5hhi43clnepb825m/pk1n5l9q8okd12t0lktsfb89qnna4ppi/1474934400000/09615610139648940356/.../0BwnyAoV2Gm8VbU1DeW1NRjdLVms?e=download

https://doc-04-2o-docs.googleusercontent.com/docs/securesc/peg1gs2khh0idpn3achah3vdgnj2v6vs/noav0r3ep0hbtpjijqaiidq91d3ttgm1/1478822400000/09615610139648940356/.../0BwnyAoV2Gm8VbU1DeW1NRjdLVms?e=download

https://doc-10-00-docs.googleusercontent.com/docs/securesc/pq29tojhrol35b78d2lq8i7ha6natqll/anittm6d6pnvifuadkncphpj8jiqklvv/1472443200000/09615610139648940356/.../0BwnyAoV2Gm8VbU1DeW1NRjdLVms?e=download

https://doc-0o-7g-docs.googleusercontent.com/docs/securesc/frk6agtub0rqm8etfu3o2btsgaebei0k/g7md0v91h6rnlqqe40g4g785mags40ej/1459382400000/09615610139648940356/.../0BwnyAoV2Gm8VbU1DeW1NRjdLVms?e=download

https://doc-14-8s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uags68ss9oqe29pj7uafk6t1vdaoar9o/1426716000000/09615610139648940356/.../0BwnyAoV2Gm8VbU1DeW1NRjdLVms?e=download

https://drive.google.com/uc?id=0BwnyAoV2Gm8VbU1DeW1NRjdLVms&export=download

https://doc-0o-4c-docs.googleusercontent.com/docs/securesc/tkqfna0e760nvi07ep8c3idl6j20gojt/ffcro6v6cqqkerhal0r6v49ncvrkj9ni/1412920800000/09615610139648940356/.../0BwnyAoV2Gm8VbU1DeW1NRjdLVms?h=16653014193614665626&e=download

Scan cute_ftp_modificado.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.