fylm_sydtala2mar_alswda2.exe

The application fylm_sydtala2mar_alswda2.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
MD5:
52c24ab31f1f07994f60aea76646dcd5

SHA-1:
020af848a02c4b71860f9d441484a6b0316e019d

SHA-256:
75fc45d59a01d7d78396e2386c6fcddca191d9e8688bec6d2cafc3dd183cfc1f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 11:33:06 AM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.iStartSurf

Engine version:
17.1.24.18

File size:
442 KB (452,608 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
7/29/2016 3:17:06 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x3870A

Entry point:
E8, BC, 00, 00, 00, CC, 55, 8B, EC, 83, EC, 18, C6, 45, F4, 42, C6, 45, F5, 28, C6, 45, F6, 92, C6, 45, F7, DC, C6, 45, F8, 02, C6, 45, F9, 08, C6, 45, FA, 05, C6, 45, FB, 07, 83, 65, F0, 00, 83, 65, EC, 00, 83, 65, E8, 00, 83, 65, FC, 00, EB, 07, 8B, 45, FC, 40, 89, 45, FC, 8B, 45, FC, 3B, 45, 10, 7D, 70, 8B, 45, 0C, 8B, 4D, 08, 8A, 09, 88, 08, 8B, 45, FC, 2B, 45, E8, 8B, 4D, EC, 0F, B6, 4C, 0D, F8, 99, F7, F9, 85, D2, 75, 41, 8B, 45, F0, 0F, B6, 44, 05, F4, 8B, 4D, 0C, 0F, B6, 09, 33, C8, 8B, 45, 0C, 88...
 

Entropy:
6.9416

Code size:
262 KB (268,288 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to server-52-85-67-36.lhr5.r.cloudfront.net  (52.85.67.36:80)

TCP (HTTP):
Connects to s3-1.amazonaws.com  (54.231.97.203:80)

TCP (HTTP):
Connects to ec2-54-88-21-193.compute-1.amazonaws.com  (54.88.21.193:80)
