home

file_downloader.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from piratebay.com.co.
MD5:
3c3120f9f2b0d2fe1beccfa438db84e2

SHA-1:
7c81005a304c76b9cf2241f74516ac9141eca801

SHA-256:
6972061f1aa059b3d1813dd6db2d53c1ecb662ad022d3d1b99b99dc21f0b86ad

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 9:02:10 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Adware-BQN [Trj]
150714-1

File size:
301.9 KB (309,136 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\file_downloader.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:q0zmIMjIrpgPoFjdz5EFnO7QkZX1o5Y0e/HuR7CQsYH8:Zrrp75X1BHuJC+8

Entry point:
AC, 60, B2, 12, 30, 87, 08, B8, 92, 81, FB, 22, 0C, 5C, CD, C0, 0D, 3E, 70, 0D, 03, 6F, F4, 81, 6B, 19, 38, 51, 02, C5, FA, 40, BD, 4F, F8, 8C, 66, F2, EB, 16, 9B, 16, 2F, 18, DF, F4, 27, A1, A0, 4B, 04, 0D, 6A, 08, AB, FD, 24, D4, A6, 81, 8E, AC, EA, AD, 4F, C0, 57, 35, 1D, FA, 6E, 60, 0E, F9, A6, C1, 21, 71, A2, 28, 8C, 4D, 8C, 71, 2A, BF, 5A, 92, EA, 09, BF, 58, 1D, E3, 33, 7E, A2, D5, 90, 91, 2D, 0F, 15, 94, A1, 7F, 40, 0E, 85, FE, 47, C1, 83, 66, 5B, 6B, DE, DD, BC, D7, E8, 10, F1, 95, 64, 30, 0E, 81...
 
[+]

Entropy:
7.9704  (probably packed)

The file file_downloader.exe has been seen being distributed by the following URL.

http://piratebay.com.co/.../

Scan file_downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.