» forceop.exe
Overview
Analysis
File Details
Downloads (11)

forceop.exe

Java Executive by Jar2Exe(Created by J2E 1.8 Trial, RegExLab.com)

RegExLab's Friends Group(Created by J2E 1.8 Trial, RegExLab.com)

File name:

forceop.exe

Publisher:

RegExLab's Friends Group(Created by J2E 1.8 Trial, RegExLab.com)

Product:

Java Executive by Jar2Exe(Created by J2E 1.8 Trial, RegExLab.com)

Description:

Java Executive by Jar2Exe, RegExLab.com(Created by J2E 1.8 Trial, RegExLab.com)

Version:

1, 8, 4, 444(Created by J2E 1.8 Trial, RegExLab.com)

MD5:

7fe20665c706ba5929db1ded96503e25

SHA-1:

c2970aadeb10c878b92792d642db3612c3e35024

SHA-256:

bb6babb4a591c1160dfa80e6a3a2b1f67b00ecc6e1e43dd6035df485f46d4e26

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/26/2024 12:24:02 AM UTC (today)

File size:

425.5 KB (435,742 bytes)

Product version:

1, 8, 4, 444(Created by J2E 1.8 Trial, RegExLab.com)

Trademarks:

RegExLab.com(Created by J2E 1.8 Trial, RegExLab.com)

Original file name:

J2E.exe(Created by J2E 1.8 Trial, RegExLab.com)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\forceop.exe

File PE Metadata

Compilation timestamp:

3/4/2012 5:30:31 AM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

6144:bsTK92By+K/dnx7KlsbUDyfDfGX3dTqK6pHM84+SKKbBtGzkvTB09RrFNdoCFeXy:fxqwjguBszTy9RrF/oCFizvXcbz

Entry address:

0x16D50

Entry point:

48, 83, EC, 38, 48, 89, 5C, 24, 50, 48, 89, 7C, 24, 58, FF, 15, 1C, 74, 02, 00, 48, 8B, C8, 33, D2, 41, B8, 94, 00, 00, 00, FF, 15, 03, 74, 02, 00, 48, 8B, D8, 48, 85, C0, 75, 0A, B8, FF, 00, 00, 00, E9, 32, 02, 00, 00, C7, 00, 94, 00, 00, 00, 48, 8B, C8, FF, 15, DA, 73, 02, 00, 85, C0, 75, 1E, FF, 15, E0, 73, 02, 00, 48, 8B, C8, 4C, 8B, C3, 33, D2, FF, 15, BA, 73, 02, 00, B8, FF, 00, 00, 00, E9, 01, 02, 00, 00, 8B, 43, 10, 89, 05, 93, B9, 03, 00, 8B, 43, 04, 89, 05, 96, B9, 03, 00, 8B, 43, 08, 89, 05, 91... 
[+]

Entropy:

6.7826

Code size:

241 KB (246,784 bytes)

The file forceop.exe has been seen being distributed by the following 11 URLs.

http://download1319.mediafire.com/asitqb26tkdg/.../ForceOp.exe

http://download1198.mediafire.com/qy1jp2zu9bog/.../ForceOp.exe

http://download1692.mediafire.com/emfom54cbusg/.../ForceOp.exe

http://download1319.mediafire.com/5amw1873d9jg/.../ForceOp.exe

http://download1198.mediafire.com/wlx9sqzx9qzg/.../ForceOp.exe

http://download1692.mediafire.com/j49eugwg0aeg/.../ForceOp.exe

http://download1455.mediafire.com/v26ap6gkh4ug/.../ForceOp.exe

http://download1405.mediafire.com/adylshhbpsig/.../ForceOp.exe

http://download1198.mediafire.com/erjucabfl2sg/.../ForceOp.exe

http://download1198.mediafire.com/gc0brdjtss8g/.../ForceOp.exe

http://download6.mediafire.com/yc7rw4c92y3g/.../ForceOp.exe

Scan forceop.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.