home

Dumpper.exe

Dumpper

CasaTech Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from ir61.uploadboy.com and multiple other hosts.
Publisher:
CasaTech Inc.

Product:
Dumpper

Version:
30.0.0.8

MD5:
efbb3c41d2f4a59704e2ad5811fc3e90

SHA-1:
0cbe95b13257b8439fe74a6cf23a1036920f37cf

SHA-256:
dd90be9af343034d3d0c13f530b87af4c8d344484c66bcf3560090566eeab794

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 5:23:25 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0126
7.2.134

File size:
1.6 MB (1,680,896 bytes)

Product version:
30.0.0.8

Copyright:
Copyright © SkyWatcher 2013

Original file name:
Dumpper.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

File PE Metadata
Compilation timestamp:
12/30/2013 2:36:54 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:EFIcXFIchYMIPFIcXFIcXFIcXFIcXFIcXFIcXFIc/FIcWpkB6rFIcP:ALYMINLLLLLLXK5

Entry address:
0x18294E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.5 MB (1,575,424 bytes)

The file Dumpper.exe has been seen being distributed by the following 13 URLs.

http://ir61.uploadboy.com:8080/d/.../Dumpper.exe

http://www.fayloobmennik.net/files/.../152306594.html?check=fd2c53d93aeee63f9e57a2c8e1aa9c4b&file=4074820

https://www.dropbox.com/s/.../Dumpper.exe

https://docviewer.yandex.com/source?id=4otz6-b7hmkoo7j8uea2obh6q1j37m0gf6vcxz1l9echglrf8akizvx7uo1uyqgzl7uf8pw7ffkik0ccvznnlufc4oem06nf7h2qqyks&archive-path=//.../Dumpper.exe&ts=157321d87cd&token=Ho1aDJlAmUGR7FZubuv1Cg==&name=Dumper JumpStart.zip

http://d1.share.az/files/3/.../Dumpper.exe

http://ir61.uploadboy.com:8080/d/.../Dumpper.exe

temp:Dumpper.exe

http://dc682.4shared.com/download/.../Dumpper_309.exe

http://www.fayloobmennik.net/files/.../83696654.html?check=8ff137d395fbcfcaa13551f9257421d6&file=4074820

http://download.gg/download-6092632-Dumpper-exe

http://www.fayloobmennik.net/files/.../61888730.html?check=b9a084d9dd57e01f220020aa43c4c6d0&file=4074820

http://r4.fayloobmennik.net/files/.../39749944.html?check=b13cbbd763b5de706a752044e7ded8d0&file=4074820

http://www.fayloobmennik.net/files/.../54727230.html?check=13c7e361cc5fc3f4c1fd5131b56bc01f&file=4074820

Scan Dumpper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.