home

ellinia.exe

Launcher

The executable ellinia.exe has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.speedyshare.com and multiple other hosts.
Product:
Launcher

Version:
1.1.5881.29760

MD5:
14d237df67812588ab47b31f82ad0ed9

SHA-1:
0bb4d209a5d56ac41325bf73d06ab171ecfe2c79

SHA-256:
e4b6ce8b270f34157206d424e0714fd814de0ab32271cf0b1f0923230bbc68b4

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
11/5/2024 7:31:08 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.Dropper.Msil!c
2.1.4+

Bkav FE
HW32.Packed
1.3.0.7400

ESET NOD32
Detection.Undefined
7.0.302.0

Fortinet FortiGate
MSIL/Injector.LRE!tr
2/18/2016

McAfee
Artemis!14D237DF6781
5600.6486

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1120

File size:
2.5 MB (2,631,168 bytes)

Product version:
1.1.5881.29760

Original file name:
Redirector.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
2/8/2016 4:32:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:jaYk9CHkpfbkw9UdK2OGnBVKWn/qzuvA9MKC6JrPJdrn:uX9FfxkK2OGuWnizOA9Mw7

Entry address:
0x28808A

Entry point:
FF, 25, 80, 80, 68, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9877  (probably packed)

Code size:
52.5 KB (53,760 bytes)

The file ellinia.exe has been seen being distributed by the following 6 URLs.

http://www.speedyshare.com/gtqWV/327f6c81/.../Ellinia.exe

https://mega.nz/temporary/.../IgQmCAQQ

https://mega.nz/persistent/.../0px3BZTD

https://mega.nz/temporary/.../0px3BZTD

https://maple.ellinia.net/Ellinia.exe

https://mega.nz/temporary/.../gkYRSI7C

Remove ellinia.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.