eset_t1196740490366276t_.exe

Facebook Malware Scanner

Facebook Inc.

The executable eset_t1196740490366276t_.exe has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fbcdn-dragon-a.akamaihd.net.
Publisher: Facebook Inc.
Product: Facebook Malware Scanner
Version: 0.06
MD5: a63f9e65c95963e489750ed449c8dd45
SHA-1: 56c6eed5c483ba4b2bd480f0d438a64ac493e634
SHA-256: 494dd4ad14571606a9cd64009363f6a3b83c3f5a0a7aec56ac4fceb48be30bce
Scanner detections: 6 / 68
Status: Malware
Analysis date: 11/27/2024 7:30:39 AM UTC

Scan engine                    Detection                Engine version
avast!                         Win32:SaliCode           160518-2
AVG                            Win32/Sality             2015.0.4604
ESET NOD32                     Win32/Sality.NBA virus   8.0.319.0
F-Prot                         W32/Sality.gen2          4.6.5.141
Microsoft Security Essentials  Threat.Undefined         1.225.2311.0
Norman                         Win32.Sality.3           19.05.2016 01:04:49

File size: 4.8 MB (4,988,448 bytes)
Product version: 0.06
Copyright: 2004-present Facebook. All Rights Reserved.
File type: Executable application (Win32 EXE)
Language: English (United States)
Common path: C:\users\{user}\downloads\eset_t1196740490366276t_.exe

File PE Metadata
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 3.0
CTPH (ssdeep): 49152:+smzkc50LqueHQlhq3oHHkB+rqmPNinmWAA0Mi7uM4SX/KQ:vmzk8ueHQlhq3oHHRrnPNhF7hr
Entry address: 0x4F5E0

Entry point:
8D, 15, 8C, B3, 96, 47, 3A, E5, F2, 0D, 1B, EA, 17, 05, F3, BD, BC, 1C, 40, 2B, 88, F7, F6, C2, CC, B0, DC, 85, CF, FF, C3, 81, C2, D6, 74, 00, 00, 78, 03, 0F, BE, D9, 85, C7, 80, D9, 4B, 0F, BE, C5, 51, 68, 26, 71, 20, 00, 81, FD, 4D, 5F, 00, 00, 72, 04, 89, CA, 84, D4, FE, CA, 81, C8, 8A, F8, 4E, 81, 8B, CB, 13, CE, 85, F0, E8, 1F, 00, 00, 00, 84, C8, 84, C2, 71, 06, F7, C7, 6B, 80, D8, 23, FE, CB, 33, EA, C7, C6, 87, CE, 0F, 47, C7, C1, 4F, F1, 9B, E8, 80, D1, 65, 59, EB, 09, 69, D7, 03, 7F, 38, 9A, 2C...
 

Code size: 4.5 MB (4,738,048 bytes)

The file eset_t1196740490366276t_.exe has been seen being distributed by the following URL.
