ex1.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.regnow.com.
MD5:
eaca557e10593957d26ac482e5b4923d

SHA-1:
35f22dd7fc044c90cdf6c104f1ac0126cc46068e

SHA-256:
0d6dd7e1873c59a26c157756188467af7b701cafe361de074ad9e179f9ba162f

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 4:19:11 PM UTC

Scan engine              Detection                  Engine version
Bkav FE                  HW32.Packed                1.3.0.7400
Quick Heal               (Suspicious) - DNAScan     2.16.14.00
Trend Micro House Call   PAK_Generic.009            7.2.49
Trend Micro              PAK_Generic.009            10.465.18

File size:
776.4 KB (795,002 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ex1.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ZtI3Es5id2j8zLK4sTqvFxAQa4WAAWy4cHsbC9R0NJ22khWpex0Gay7gc:wBid2j8zLUqvwQXWmXAsu9RLBWpA01Vc

Entry address:
0x34046

Entry point:
B8, 00, 40, 43, 00, 68, 88, 87, 42, 00, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 66, 9C, 60, 50, 8B, D8, 03, 00, 68, F4, 1D, 01, 00, 6A, 00, FF, 50, 1C, 89, 43, 08, 68, 00, 00, 40, 00, 8B, 3C, 24, 8B, 33, 66, 81, C7, 80, 07, 8D, 74, 1E, 08, 89, 3B, 53, 8B, 5E, 10, 56, 6A, 02, 68, 80, 08, 00, 00, 57, 6A, 2B, 6A, 09, 56, 6A, 04, 68, 80, 08, 00, 00, 57, FF, D3, 83, EE, 08, 59, F3, A5, 59, 66, 83, C7, 5C, 81, C6, 80, 01, 00, 00, F3, A5, FF, D3, 58, 8D, 90, C0, 01, 00, 00, 8B, 0A, 83, C2, 14, 8B...
 

Packer / compiler:
PEtite v2.2

Code size:
161.4 KB (165,298 bytes)

The file ex1.exe has been seen being distributed by the following URL.
