erika rodrigues senhor eu sei que tu me sondas mp3.exe

BRASFIELD LLC

The application erika rodrigues senhor eu sei que tu me sondas mp3.exe, “Download da Internet” by BRASFIELD has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.wikizu.net.
Publisher:
yTVnQOo5hT6GbOusu  (signed by BRASFIELD LLC)

Description:
Download da Internet

Version:
8.3.4.6

MD5:
afbb29025d0acb2d2ef444339b8d4276

SHA-1:
9b43ea5f60a4ab44f1aa9ebda4578a2d80bfb2ae

SHA-256:
c53b6503e671bdddb0ac4c482c5728f89c24c1c9a1b4788737623cdd7178c9fa

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 12:22:47 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.BRASFIEL.Installer (M)

Engine version:
16.7.9.17

File size:
74.4 KB (76,224 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\erika rodrigues senhor eu sei que tu me sondas mp3.exe

Digital Signature
Signed by:

Authority:
Starfield Technologies, Inc.

Valid from:
5/5/2015 10:42:38 PM

Valid to:
4/21/2016 8:24:39 PM

Subject:
CN=BRASFIELD LLC, O=BRASFIELD LLC, L=Lewes, S=Delaware, C=US

Issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00975D4C0519C5095A

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:GoLDYsacy7mHMowHjXJF5BviSlqSyPhPmpJwPKbiGcaw:GoPyys5jXJF5BaJzPqeyWD

Entry address:
0x323F

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 98, 27, 7A, 00, E8, 09, 2C, 00, 00, A3, E4, 26, 7A, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, DC, 79, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, E0, 1E, 7A, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 80, 7A, 00, 50, 57, E8, AA, 28, 00, 00...
 

Entropy:
7.4858

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file erika rodrigues senhor eu sei que tu me sondas mp3.exe has been seen being distributed by the following URL.