home

DDOS_ATACK_MODEME_SALDIRI_PROGRAMI.exe

DDOS ATACK MODEME SALDIRI PROĞRAMI

This is a setup program which is used to install the application. The file has been seen being downloaded from s8.dosya.tc.
Product:
DDOS ATACK MODEME SALDIRI PROĞRAMI

Version:
1.0.0.0

MD5:
fd4f114929acee1360d586737faeb88e

SHA-1:
4bf5a150641b521dab1c47e0449d9c02328b2f27

SHA-256:
c4ad667f5d0142de16aa00bcb96771614e66dbe0b3c263cc49875137d8823c92

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 12:00:05 AM UTC  (today)

File size:
186.5 KB (190,976 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
DDOS ATACK MODEME SALDIRI PROĞRAMI.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\downloads\ddos_atack_modeme_saldiri_programi.exe

File PE Metadata
Compilation timestamp:
4/10/2016 8:06:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:Xj74Yv0Q7kYGXqyBj07cqgnggngnggs2oB34nQUIUrw45mJFSWLI2XP8S6A5l8:XjwQ7Z5XkMIUrBm722f8Ky

Entry address:
0x2F55E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
181.5 KB (185,856 bytes)

The file DDOS_ATACK_MODEME_SALDIRI_PROGRAMI.exe has been seen being distributed by the following URL.

http://s8.dosya.tc/en2.php?a=server2/.../DDOS_ATACK_MODEME_SALDIRI_PROGRAMI.exe&b=1dec124f0cf5a8aab8e48a04f35c4d17

Scan DDOS_ATACK_MODEME_SALDIRI_PROGRAMI.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.