ew2009kg.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download.wetransfer.com and multiple other hosts.
MD5:
b6f6780b5d67c4182e692976e861d447

SHA-1:
cfa8d3bcfb808a7b5e07ca9b3e063c2dbd6d5976

SHA-256:
630dae689e2fa2ba8e1b6ab833c01b1b499f2ec17c90a99cb82dd3dbefe97c47

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 12:30:04 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.Gen
2.1.4+

File size:
6.5 KB (6,656 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
9/28/2009 4:47:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
96:diXOp2O9vwyIEtSCU4uu7OluJB0sVnNUULMxUJY6:diXO7CF19uQuJasVN2B6

Entry address:
0x126A

Entry point:
6A, 00, E8, 5D, 04, 00, 00, A3, 00, 32, 40, 00, 6A, 00, 68, 90, 12, 40, 00, 6A, 00, 68, E8, 03, 00, 00, 50, E8, 68, 04, 00, 00, 50, E8, 38, 04, 00, 00, 55, 8B, EC, 8B, 45, 0C, 3D, 10, 01, 00, 00, 75, 64, E8, 32, 04, 00, 00, A3, 43, 3C, 40, 00, 68, 9A, 02, 00, 00, FF, 35, 00, 32, 40, 00, E8, 59, 04, 00, 00, 50, 6A, 00, 68, 80, 00, 00, 00, FF, 75, 08, E8, 4F, 04, 00, 00, 68, 00, 30, 40, 00, FF, 75, 08, E8, 4E, 04, 00, 00, 6A, 00, 68, EC, 03, 00, 00, 68, 11, 01, 00, 00, FF, 75, 08, E8, 2E, 04, 00, 00, 6A, 00...
 
[+]

Packer / compiler:
TASM / MASM

Code size:
2 KB (2,048 bytes)

The file ew2009kg.exe has been discovered within the following programs.

EasyWorship 2009  by Softouch Development, Inc.
www.easyworship.com
About 9% of users remove it
 
Powered by Should I Remove It?

The file ew2009kg.exe has been seen being distributed by the following 8 URLs.

https://download.wetransfer.com/us2/.../EWS 2009 & CRACK_2009_Kgn.exe

https://www.dropbox.com/pri/get/.../EW2009KG.exe

http://bmail.uol.com.br/attachment?msg_id=NDc2Mw&ctype=EW2009KG.exe&disposition=attachment&content_id=<56ba70958eed6_78eb15d48a1ef3ec29326@a4-winter18.mail>&folder=INBOX&attsize=9172

temp:EW2009KG.exe

https://doc-04-3s-docs.googleusercontent.com/docs/securesc/qtdqsfht703gm1tg0sglt5gmcs7947n7/qrhjobs4nu3h835gmog59i9ojrg0b13h/1480644000000/12311369823204729820/.../0B59Nq_4J3aKsRFJSSnEtUlFJWG8?e=download

http://dc467.4shared.com/download/.../EW2009KG.exe

about:internet

Scan ew2009kg.exe - Powered by Reason Core Security