free-fonts.exe

The executable free-fonts.exe has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from files.go-downloads.com.
MD5:
bd80f11ef8eb205eefb597ef0869b0c3

SHA-1:
a55a6ddc2cc17c167cfd9623bef0c7c729a31f88

SHA-256:
b1851a16a6dc2f030a5662c7622a3b239087006f5a1eadce532486ddb943c4c5

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/23/2024 8:20:05 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Win.Reputation.IMP
16.1.5.9

File size:
615.2 KB (629,952 bytes)

File type:
Executable application (Win16 EXE)

File PE Metadata
Compilation timestamp:
5/29/2012 7:42:58 AM

OS version:
5.0

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:ERLAj8bPtnIfqJ1lWgb3ixnxLANr1SlTzmfOv:ERLAy2fsL3ixndANr1GT

Entry address:
0x1B633

Entry point:
E8, 47, 9F, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 7C, 09, E8, C6, 9F, 00, 00, 3B, 30, 7C, 07, E8, BD, 9F, 00, 00, 8B, 30, E8, BC, 9F, 00, 00, 8B, 04, B0, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 53, 56, 57, 8B, 7D, 08, 33, DB, 3B, FB, 75, 1E, E8, 23, 39, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, 52, 60, 00, 00, 83, C4, 14, 8B, C6, E9, 83, 00, 00, 00, 8B, 75, 0C, 3B, F3, 76, DB, 8B, 45, 10, 88, 1F, 3B, C3, 74, 50, 38, 18, 74, 4C, 50, E8, 42, EF, FF, FF, 59, 8D, 4E, F9, 3B...
 
[+]

Entropy:
6.3485

Code size:
418 KB (428,032 bytes)

The file free-fonts.exe has been seen being distributed by the following URL.

Remove free-fonts.exe - Powered by Reason Core Security