h1tm4n 1 by brasileno2010.exe

Eidos Interactive

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from download1450.mediafire.com and multiple other hosts.
Publisher:
Eidos Interactive

Description:
Hitman Codename 47

MD5:
250eeb1516da8a7087d1ec7d5c82b95c

SHA-1:
f0b57153439ea416ae5df2d8f8f8394236065642

SHA-256:
a6de79636340c635663b9b5919238bb40b363831e745cfcaf6b9334ff41ec5f9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 7:01:32 PM UTC  (today)

Scan engine
Detection
Engine version

Norman
Suspicious_Gen4.COUKI
11.20150713

File size:
170.4 MB (178,677,637 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\h1tm4n 1 by brasileno2010.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3145728:oS3JQlUGUZidkJdtruPV93LOTllV1xIPmA18pF5l6QyDAnkA:TQ6IImV93LO37uV18pR6B5A

Entry address:
0x9A54

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 72, 96, FF, FF, E8, 79, A8, FF, FF, E8, A4, CA, FF, FF, E8, EB, CA, FF, FF, E8, 12, F3, FF, FF, E8, 79, F4, FF, FF, 33, C0, 55, 68, 02, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, CB, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 06, FA, FF, FF, 8D, 55, F0, 33, C0, E8, B0, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 23, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file h1tm4n 1 by brasileno2010.exe has been seen being distributed by the following 31 URLs.

http://download1450.mediafire.com/va96qv2ho2lg/.../H1TM4N 1 BY RETOON.exe

http://download1477.mediafire.com/5cfm8htesbtg/.../H1TM4N 1 BY RETOON.exe

http://download738.mediafire.com/8m7vjud0apdg/.../H1TM4N 1 BY RETOON.exe

http://download1940.mediafire.com/a1379d971tng/.../H1TM4N 1 BY RETOON.exe

http://download1477.mediafire.com/bd1wkcrr0kdg/.../H1TM4N 1 BY RETOON.exe

https://mega.nz/persistent/.../dB4gwL5C

http://download2098.mediafire.com/f2fpc6v6x3pg/.../H1TM4N 1 BY RETOON.exe

http://download1940.mediafire.com/4cj6xmn2wb0g/.../H1TM4N 1 BY RETOON.exe

http://download1477.mediafire.com/3mr1qbo5z5lg/.../H1TM4N 1 BY RETOON.exe

http://download1819.mediafire.com/odlqzuxaczrg/.../H1TM4N 1 BY RETOON.exe

http://download1477.mediafire.com/c667417db80g/.../H1TM4N 1 BY RETOON.exe

http://download1477.mediafire.com/7lzhvcj4y2dg/.../H1TM4N 1 BY RETOON.exe

http://download1940.mediafire.com/j2w25li5chvg/.../H1TM4N 1 BY RETOON.exe

http://download1940.mediafire.com/6opk8p0q99fg/.../H1TM4N 1 BY RETOON.exe

http://download1477.mediafire.com/x99zsnr32zxg/.../H1TM4N 1 BY RETOON.exe

http://download2108.mediafire.com/q1ja6c89wflg/.../H1TM4N 1 BY RETOON.exe

http://download1940.mediafire.com/6hr5quet83sg/.../H1TM4N 1 BY RETOON.exe

http://download2187.mediafire.com/nlcnyd7l8oig/.../H1TM4N 1 BY RETOON.exe

http://download1940.mediafire.com/u9rp8h67pxxg/.../H1TM4N 1 BY RETOON.exe

http://download1940.mediafire.com/8qarm88rx9bg/.../H1TM4N 1 BY RETOON.exe

Latest 30 of 31 download URLs

Scan h1tm4n 1 by brasileno2010.exe - Powered by Reason Core Security