dsp_rocksteady21.exe

The executable dsp_rocksteady21.exe has been detected as malware by 13 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from download.nullsoft.com and multiple other hosts.
MD5:
bbb1044045aa7ce234947bcdd9c85ef5

SHA-1:
995f706450904d52e2b51555c4aca4b056aa2da8

SHA-256:
4a5ed7cc10735e2687a75799ae43918e06d072248aa4848fe9254af9464e872b

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
11/5/2024 10:40:39 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.DL.Agent | 7.1.1 |
| Avira AntiVirus | TR/Rogue.7409935 | 7.11.164.86 |
| avast! | Win32:Malware-gen | 2014.9-141221 |
| Bkav FE | W32.Clod608.Trojan | 1.3.0.4959 |
| Comodo Security | TrojWare.Win32.Barys.18 | 18236 |
| G Data | Win32.Trojan.Agent.0RBXJR | 14.12.24 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Agent | t3scan.1.6.1.0 |
| Norman | Suspicious_Gen4.BXPGW | 11.20141221 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.12.21.16 |
| Rising Antivirus | PE:Trojan.Agent!6.96D | 23.00.65.14506 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Downloader | 10164 |
| VIPRE Antivirus | Trojan-Downloader.Win32.Agent | 31714 |
| Zillya! Antivirus | Downloader.Agent.Win32.124070 | 2.0.0.1781 |

File size:
96.6 KB (98,963 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dsp_rocksteady21.exe

File PE Metadata
Compilation timestamp:
12/2/1999 10:39:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:hCPfh4OltNByKjV0cJE/LkZd/+DkRy02ah3y7THzj1qfH6CJpB6:hefh4O1ByKjjhcFzalsHtDCJpc

Entry address:
0x3607

Entry point:
55, 8B, EC, 81, EC, 18, 03, 00, 00, 56, 57, 6A, 06, BE, 08, 65, 40, 00, 59, 8D, BD, F0, FE, FF, FF, F3, A5, 6A, 3B, 33, C0, 59, 8D, BD, 08, FF, FF, FF, F3, AB, 8D, 85, E8, FC, FF, FF, 68, 04, 01, 00, 00, 33, F6, 50, 56, FF, 15, 54, 40, 40, 00, 50, FF, 15, 24, 40, 40, 00, 8D, 85, E8, FC, FF, FF, 68, 00, 80, 00, 00, 50, E8, E9, F9, FF, FF, 59, 85, C0, 59, 74, 18, 6A, 30, 68, 20, 65, 40, 00, 68, 30, 65, 40, 00, 56, FF, 15, A4, 40, 40, 00, E9, C4, 01, 00, 00, 80, 3D, 60, 68, 40, 00, 00, 74, 18, 8D, 85, F0, FE...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
12 KB (12,288 bytes)

The file dsp_rocksteady21.exe has been seen being distributed by the following 2 URLs.
