jovesmodpack_0.9.15.0.1_v26.7_extended.exe

wotsite.net

This is a setup and installation application. The file has been seen being downloaded from cloclo27.cldmail.ru and multiple other hosts.
Publisher:
wotsite.net

Description:
JovesModPack_0.9.15.0.1_v26.7_Extended.exe 26.7 Installation

Version:
26.7

MD5:
730330f3de37bea0b7c753cb037136b8

SHA-1:
46b2440aab3b86490031a9fa3a3c83fe215fa63a

SHA-256:
18dcc3e7543ac3aaef1404e5869aa8bd6c35f1b6a0d30cb08ee2d44faf0fc502

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 1:51:55 AM UTC  (today)

File size:
168 MB (176,110,895 bytes)

Copyright:
wotsite.net

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\jovesmodpack_0.9.15.0.1_v26.7_extended.exe

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3145728:9w2+VP+PCA5ORbu6HIFjONtS79dK55vcFtzITcG5hDYkIAy8:9w7R+2/HIcu9dv3g7AkIV8

Entry address:
0x25468

Entry point:
55, 8B, EC, 83, C4, F0, B8, 88, 53, 42, 00, E8, 24, F2, FD, FF, B8, C8, 54, 42, 00, E8, 2A, 1C, FE, FF, 8B, 15, 40, 88, 42, 00, 89, 02, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, 48, 88, 42, 00, E8, E4, D3, FF, FF, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, DC, 87, 42, 00, E8, 7A, 64, FF, FF, A1, 40, 88, 42, 00, E8, AC, 4E, FE, FF, E8, DF, E0, FD, FF, 00, 00, 00, FF, FF, FF, FF, 01, 00, 00, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
145.5 KB (148,992 bytes)

The file jovesmodpack_0.9.15.0.1_v26.7_extended.exe has been seen being distributed by the following 22 URLs.

https://cloclo27.cldmail.ru/2iXrU6dmwCio6ya94FLa/G/.../CMtaT34mN?key=65249d19de49323f36a8505add73237c2fa9fcd5

https://cloclo23.cldmail.ru/8wCLh3Yf8f8ECp5uXaV/G/.../CMtaT34mN?key=f72d009fb2cc3072465f3e380d128c91eef8c191

https://cloclo11.cldmail.ru/2czcduZrG3qxzjKRcddh/G/.../CMtaT34mN?key=021d4bd6ac6fafa4a857384aff1d403c4b12275e

https://cloclo28.cldmail.ru/28vhAmxK2G6gEg6kXGH2/G/.../yX3qUH6zk?key=ba78b776a26be78e184e45e66c881b648619cfcc

https://cloclo19.cldmail.ru/gya5prYzWqCMMs9jqZL/G/.../CMtaT34mN?key=5ebe13694c9785ec234e2605a65bb6168417603b

https://cloclo11.cldmail.ru/GVJDi5zYgsBtfknbbAX/G/.../CMtaT34mN?key=8d1cd1e16e9f903f1b208ddc70177e7b12c73447

https://cloclo22.cldmail.ru/kuRvJneAu2Ps6VNyMqh/G/.../CMtaT34mN?key=518708b84f81820637c709cd0d6e3c24b2d4e83d

https://docs.google.com/uc?export=download&confirm=37iO&id=0B-rnr998pBu_X0xhSG0wUVFGd2s

https://cloclo9.cldmail.ru/22AzFdwBgG3hQrhuCou3/G/.../CMtaT34mN?key=44658850e15428f4a1baeb51b5fcd05c3ad1147f

https://cloclo39.cldmail.ru/2bDqm7H2GyBWbEdiPz7h/G/.../CMtaT34mN?key=df7e954a346a27145a5ec69235aedbe32418f4a0

Scan jovesmodpack_0.9.15.0.1_v26.7_extended.exe - Powered by Reason Core Security