file-uploader.exe

The application file-uploader.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from noeld.com.
MD5:
eea44e8a8e0f90dfa882486bd7714366

SHA-1:
2334e11e9f05e26f1afa0da2f2032120b63e1746

SHA-256:
093f0c798bc2b0c5ef095d78159af13f9c53342bf3b3f7b5d6368c720b7bf0e8

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 1:14:48 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Variant.Adware.Kazy
2.1.4+

Reason Heuristics
PUP.Bundled
16.2.24.21

File size:
203.4 KB (208,242 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\setup wizard\3133d0a6-64e8-4ad1-969d-784d1d94dc69\file-uploader.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:tnVGuOuIL6rok40Or83V1QskPaq/dLb0etpkwzqjvX:tnHvIL6pSR/LB5tpkbr

Entry point:
50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, 76, 90, 97, 3B, 64, F7, 41, E8, D0, 01, 00, 00, 17, 04, 00, 00, 09, 00, 00, 00, 62, 61, 74, 63, 68, 2E, 74, 78, 74, AD, 53, 4D, 6F, DB, 30, 0C, BD, 07, C8, 7F, 20, B2, CB, 56, 20, F6, 3D, DD, 5A, 6C, DD, 06, 0C, 28, 76, EA, 6E, BD, 30, 32, 63, 6B, 93, 25, 43, A4, 1B, F7, B7, ED, B0, 9F, B4, BF, 30, 8A, 4E, DB, F4, 03, D8, 0E, 13, 8C, 40, A1, F8, 1E, 1F, 1F, A5, DF, 3F, 7F, 9D, AE, FF, C3, 5A, 2E, 4E, F5, 03, B8, EA, 3C, 83, 7E, 08, 8C, FD, 10, 08, B6, 28, AE, 83, 9D...
 
[+]

The file file-uploader.exe has been seen being distributed by the following URL.

Remove file-uploader.exe - Powered by Reason Core Security