home

Dfd.EXE

Dfd 1.0!

SMART

This is a setup program which is used to install the application. The file has been seen being downloaded from docs.google.com and multiple other hosts.
Publisher:
SMART

Product:
Dfd 1.0!

Description:
Dfd

Version:
1.0

MD5:
016b394dd73a0dcc88bd4bc9a46e3814

SHA-1:
a23690df912cff613247b72c8f4b8b8564b173a5

SHA-256:
fe336e7d7dc8432ebee077abb34c267153f066ee63e26ab13a648e8dd6566993

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/17/2024 11:35:43 AM UTC  (today)

File size:
1.2 MB (1,273,487 bytes)

Product version:
1.0

Copyright:
Copyright 1998

Original file name:
Dfd.EXE

File type:
Executable application (Win32 EXE)

Language:
Spanish

File PE Metadata
Compilation timestamp:
9/18/2006 6:06:11 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ayTmzMSKHHt0BiGsIFJz8tWEwal+LRFm20oMddfbfN5v2d:aBUHNu5+7fN5+d

Entry address:
0x1000

Entry point:
A1, 5A, 00, 45, 00, C1, E0, 02, A3, 5E, 00, 45, 00, 57, 51, 33, C0, BF, A0, C8, 45, 00, B9, E4, D3, 45, 00, 3B, CF, 76, 05, 2B, CF, FC, F3, AA, 59, 5F, 64, 67, 8B, 16, 04, 00, 89, 15, 6E, 00, 45, 00, 8B, 42, F8, A3, 66, 00, 45, 00, 8B, 42, FC, A3, 6A, 00, 45, 00, 83, EA, 04, 89, 15, 14, D0, 45, 00, 83, EA, 04, 3B, D4, 73, 02, 8B, E2, 6A, 00, E8, 8B, 54, 04, 00, 59, 68, 2C, 00, 45, 00, 6A, 00, E8, 4E, E0, 04, 00, A3, 62, 00, 45, 00, 6A, 00, E9, C4, CF, 04, 00, E9, 4F, 55, 04, 00, 00, 00, 00, 55, 8B, EC, 53...
 
[+]

Code size:
314 KB (321,536 bytes)

The file Dfd.EXE has been seen being distributed by the following 20 URLs.

https://docs.google.com/uc?authuser=0&id=0B25I_oLoNHUCZjI2YmQwOGQtOGVkZi00N2M5LWI2ODgtYzBhOTI0NjI0NTM1&export=download

https://www.henryford.esc.edu.ar/moodle/pluginfile.php/4041/mod_folder/content/.../Dfd.exe

http://www.cetis114.edu.mx/mod/.../view.php?id=160

http://190.255.35.172/moodle/mod/.../view.php?id=3950

https://edoome.s3.amazonaws.com/private/user/109719/.../109719-F-81438500-1468198108?response-content-disposition=attachment; filename="Dfd.exe"&AWSAccessKeyId=AKIAIYZB7I7WJM7TXALA&Expires=1470264752&Signature=vRGWLVZ54ZKwPjEnzm VD1OYKw8=

http://190.255.35.172/moodle/mod/.../view.php?id=3869

http://148.234.13.71/App/Curso/.../wfDownload.aspx?Unidad=F:-Contenedor_379-&RecursoNombre=Dfd.exe&ArchivoAnterior=59769_25-01-2016_10-27-18_359.exe

https://api.edmodo.com/files/.../download?f=9yl1g15d76wr1pfchg5d7tzj3

http://172.168.1.17/moodle/mod/.../view.php?id=3869

https://api.edmodo.com/files/.../download?f=4qkg1ncz6j7elds9ygpns2n6

https://www.dropbox.com/pri/get/PROGRAMACION_I_ER_2016/.../Dfd.exe

https://drive.google.com/uc?id=0B3cdjqucbiE_STVzVDhSLXB2MzQ&export=download

http://prepamoodle.univa.mx/moodle/mod/.../view.php?id=28123

http://www.virtualaitec.edu.ec/pluginfile.php/21505/mod_folder/content/.../Dfd.exe

http://www.prefecogilbertomartinez.edu.mx/.../Dfd.exe

https://sallecuenca.milaulas.com/mod/.../view.php?id=302

http://167.114.135.150/moodle/pluginfile.php/498880/mod_folder/content/.../Dfd.exe

http://online.b1.org/rest/online/download/.../Dfd.exe

https://sites.google.com/site/.../Dfd.exe

temp:Dfd.exe

Scan Dfd.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.