Digimobs Mod Installer.exe

Installer

This is a self-extracting archive and installer. The file has been seen being downloaded from www.skydaz.com.
Product:
Installer

Description:
Skydaz Installer

Version:
1.0.0.0

MD5:
785dbf326798fedbd30ffa9dc0b733f9

SHA-1:
ba36392caf55a6d6da78f287d5dcbcbf32ebd1b8

SHA-256:
ededb44b0f4ff8aae61122a84bb25ed1395ab7a0da61fd4690899483f576af70

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
12/29/2024 4:46:08 AM UTC

Scan engine:
AegisLab AV Signature

Detection:
Troj.Dropper.Gen

Engine version:
2.1.4+

File size:
1.1 MB (1,158,656 bytes)

Product version:
1.0.0.0

Original file name:
Digimobs Mod Installer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\digimobs mod installer.exe

File PE Metadata
Compilation timestamp:
4/16/2012 11:07:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:v+XXTUoCMLVrkhqI1xaCFnhLT5CMwnLVrkhqI1xaCFnhLT5Y:v+XXTUFMC1JUC1J

Entry address:
0xB1CEE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
703.5 KB (720,384 bytes)

The file Digimobs Mod Installer.exe has been seen being distributed by the following URL.

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to www.softologic.com  (174.37.181.31:80)

TCP (HTTP SSL):
Connects to www.ibbalance.com  (173.192.190.227:443)

Scan Digimobs Mod Installer.exe - Powered by Reason Core Security