» inglaterra2015.exe
Overview
Analysis
File Details
Downloads (31)

inglaterra2015.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from s8229.minhateca.com.br and multiple other hosts.

File name:

inglaterra2015.exe

MD5:

46acf6663a7d2cea1d3bc554ffe8a2d0

SHA-1:

ea9e227ae79992d174136a789c95dbcf7cf9557e

SHA-256:

a67618d9a062a4d02a677e510d6263c7456e41343aaa76a1f31e7418ef564c0d

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/5/2024 1:36:50 PM UTC (today)

Scan engine

Detection

Engine version

NANO AntiVirus

Trojan.Win32.GBZG0066.dtleie

0.30.24.2487

SUPERAntiSpyware

Trojan.Agent/Gen-Agent

9765

File size:

1 MB (1,049,298 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\programs\inglaterra2015.exe

File PE Metadata

Compilation timestamp:

10/7/2014 1:40:23 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:5UkRs6DIWMJcknfV3Erh+ZX5i1A9DDNE6:5UGs6zIN3PjkAt

Entry address:

0x30E2

Entry point:

81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 90, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, 1C, 71, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 09, A3, 78, E4, 42, 00, E8, A8, 2D, 00, 00, A3, C4, E3, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, 00, 88, 42, 00, FF, 15, 64, 71, 40, 00, 68, 80, 91, 40, 00, 68, C0, DB, 42, 00, E8, 52, 2A, 00, 00, FF, 15, 20, 71, 40, 00, BD, 00, 40, 43, 00, 50, 55, E8, 40, 2A... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file inglaterra2015.exe has been seen being distributed by the following 31 URLs.

http://s8229.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMfb5-RpUPVHQIVhxR4Vu2xm-FCmqBwawbtgkF0WeqvNx6pCSB0x19r5tD4gfoigscxwyWXfclZxwFmAW3xF3a5sgJxz0BFaWBYufBpYwsYYSg&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMeLLTE75JdtWZbdCi9aw6EE0fJGpV7JdnS4askbe5I55m0OVtJpo9vMDBnIekTYcH7yqYbhl-oKkRR_EvuI1jC3wsgGmQ1w9R_BlwxrrRYBnA&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMc5gNrkt0_UkhVqEAX7r33QjYSUE0x0cRTIBluFZXzAUxAzxRMGmdyi3Bym30Xdsrjojy75sGmWtYUFzY5rWRJNw9y75cFp9ap4g8uZMLACcQ&pv=2

http://s8229.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecLw30sAYoPZcHBMOJvkFh0_2fGGmmXsk4KB9mF1X6VLVnc32YRPN5ALiepkMgUJ8wgylWnlUmuYY_iKVX-zFKrSNVnhEPpFNO95iAqOJHppsWTN-vBz4uwREGSzK3_t3UWQ&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMehanq0h6SdKtNi0I2uvyyiXB_o1BMbxwMh8AhzqD5VZL1FT9O49VLL5Laz9UR59_I0bMx5XN7MAPqG7MQ1tbBjMcg3yUD-9tqHbZE4WpIMng&pv=2

http://dc743.4shared.com/download/.../inglaterra2015.exe

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMdoCTYo8r9T-6E1X475hWFaDnD_b0-cc0VnEn09Wl1r6MbfFIokpwM-NHny2YdMVg44ANT0ho7oRf7cJtlktUXvLD-nGF2C4oBi42ywRnWZUA&pv=2

http://s8229.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMfrrJBzfKojNCto_c7aqp0h_NevAnIMlGJoyyyXWN7GVkwW56BOlcvo9ROzdrbF3gzJRipiGkE-5YOn76IM-nXrOO5-xq2a5Gx6zlyKz2oopg&pv=2

http://s8229.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMe-JJfikGEaXitVOsurFtojdnD_B9LrAKsbBzv0m3D_WWYoyJ6zcLaYIiygxA1UxDU_8Ozi8NH8d3YkQ7c6MfHmiXBhPOmZ40GQuqazOwgyNw&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMcfkE5FLSHNuWczsE3jMVsmMtJfgkrbt4hLNpIN9yJ7-G9-kYV_Avc4P1I2hMWsd3Z2vzCv_SYf7Fg686T02AI16u672R3AuOVC1dqw1E6xfw&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMeZwLq1tC7LA-wwycEdt3kx3UbxGymOQXjUGhKHnajVZ0xTB056hepSo9fqpBlngoSSMH5BZ77yQ9MYyULwoW0ZhEZnt2oAc9LtdQUKVRFagA&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMezOSnKNSF_U6L2rraJb5GwFLbY88L1GH6gCPfWTZ84OFVyFD4CNbXdPtoYiNITUT0F0ZaLFWX1u6_Lhp8m9nHyLlP-fJMwJKz3vu3sT7eTqQ&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecLw30sAYoPZcHBMOJvkFh0_17u3c1msINOHEuWzlgD3Ke1LyAKDKZstd-urUg-8rNtehbYYxegiFQqd7qKb-j3F0zIjhklySlIMoikHslrKvZ4zh8p-iZ3TgxHRh25f1f9A&pv=2

http://dc444.4shared.com/download/.../inglaterra2015.exe

http://brasfoot.com/dwnpatches.php?v=2015&p=5

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMeEeu_VLg6OBqy97D32jMLKc90OqSLU9eIM9KVMdQZ7C8gWcv8-7X2P4P99E5EbA2RoDwadRloHz9nfbnFP5dYzRh3HgQUEabJ-jcAJhLU24g&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMerylSQENMS1d25SqKdbLOgQtuEKiCTzNiB793YA2VbMzmCqM6_zrdZjMCwEi8sni7jQzD_KVQsKhCfZNv3rNSd0qVijRcMG3jSlQJuXXQyJw&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMeR72o1_1imjBzJBS_aKjOmYyCHMCfyCaOViHiyawQRuQdM9PERno51wsz-daIp0EHnL6c5cMBrKT5VC596E2sj7-o_ywpxlJtnSEIFZKUWMg&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMfz3sPlPNNISyHIi3Op6y7e55WaO_IJI9KhhooehulGHhiIrSpTxtAOqKO35KqurFNmPzUgqx4H9FgarKHzZ3gFy1NkwEXDSgebgTlO5b_4WQ&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMdHJxEXJM1m9WynJbGnzy10NEXYhH_TIBH_wDjEOrUOzB5dMGn9ZzVJ5q0UFajbXtN11_5g35E99yUI5YtNGPInuGVHCtXC01IubPRfsz5H9g&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMfUi-iETzD9AX_u-C-zqYWIozF2v_M72vS5zawcCCP4Q65R7IQv0dJastL1yG7Xg4zXu9zk5y82XWp6gSftg3P5uRAXVYxYqeDIzlirYlRteg&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMfmyuOWTfrbyq24qEqoeSttIYQF7606NtD_8mOsb-Meg3foAJ1RABqr0RUcmVyPQevvLttz-uljBCIoNeBBH-p5InwG7ZaWgLjmWwN_SqtrAA&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMfcbdVlSezOdIQ7lA3qK9oQUfnyXNGzowSUTiPlWSEBjcnuTU9__6v_VdowQA1yjte7ajD4kReEG6v0G60lkNXV80c22x6by55bh3xl23BezA&pv=2

http://www.brasfoot.com/.../inglaterra2015.exe

http://www.brasfoot.com/dwnpatches.php?v=2015&p=5

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMfYUKC1kkm11c5MWtrK8zJimc5Gx6CWP24VYqGR7lNc5edBPZDZvmOwzYz0UnpqX-UjHlyYZnf-RZPAL2v5Fh9QDi0UowuTGO1CbPH86ivg1w&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMeZLsK_Cml4-tXVv7zpSUYpSUfiPDGkvcL9ePbLFBomsUtBkNiHHEnxgCBTIfpFSG8-7jStRLPVxyOiCOaxQlWJu5s8j1jvL3Xda5yhNfcqyw&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMf0XHmpeUpR2rqK6XVglxZG2ecRX8_ri9Umuc8MNBVTV9mNqvXWVFXXWqrbDzh0bbdDI9r6DXAKS3YY8rUHgjKV9d00UoQv3CSls0LJlarEMA&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMdYNfa6KtYVbOFbLJUSEIvujsDNxgjooDy64ckLzPN2dESmJiCmr9kdh2DMhQTOhzpNK0ciPDj5aluDaw138EiwwprN3NIb0f4fyC8LA5kl5Q&pv=2

http://s8240.minhateca.com.br/File.aspx?e=REUKnZWIjqFca09vwRecL5iCaPlhlSbWEHEl8WGhPMdwfNPMPTVsJT2A5B8lTpSrdFrxnnlZHyPHxAfoRxmiTthwyLvtw8ZrxJzKuEPEaca9xQXYAwO6Lx__hbkRqZWX_QUtzxoJtXblHkp64nrsVg&pv=2

Latest 30 of 31 download URLs

Scan inglaterra2015.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.