» kaspersky_t1654431178144648t_.exe
Overview
Analysis
File Details
Downloads (13368)

kaspersky_t1654431178144648t_.exe

Facebook Malware Scanner

Facebook, Inc.

File name:

Publisher:

Facebook Inc. (signed by Facebook, Inc.)

Product:

Facebook Malware Scanner

Version:

0.06

MD5:

3d068eb8bc27ef19b25d89f24253b8fd

SHA-1:

9747f74918617761fc9940ae03c9005fbc26ae10

SHA-256:

8038a814d8087a38b368a6b8d7347ac98d50492f1663f11e955330289eba200f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/27/2024 2:07:40 AM UTC (today)

File size:

5.9 MB (6,218,784 bytes)

Product version:

0.06

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\kaspersky_t1654431178144648t_.exe

Digital Signature

Signed by:

Facebook, Inc.

Authority:

DigiCert Inc

Valid from:

6/16/2015 7:00:00 PM

Valid to:

5/17/2016 7:00:00 AM

Subject:

CN="Facebook, Inc.", O="Facebook, Inc.", L=Menlo Park, S=CA, C=US, PostalCode=94025, STREET=1601 Willow Rd., SERIALNUMBER=3835815, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.2.5.4.15=Private Organization

Issuer:

CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0B6B2E79614FA5608274F64B40BF6257

File PE Metadata

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

3.0

CTPH (ssdeep):

49152:ZJXOz0pzmiS+owKfw1GtBWSvLUnnrZS+Z6JME6Bx4DugkOtJY83gxtqo+ZTCSxMh:e8FHj1sw3FygWObbDRNQyl

Entry address:

0x5C820

Entry point:

48, 8D, 74, 24, 08, 48, 8B, 3C, 24, 48, 8D, 05, 10, 00, 00, 00, FF, E0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 48, 8D, 05, C9, C5, FF, FF, FF, E0, 00, 00, 00, 00, 00, 00, 00, 51, 48, 8B, 01, 48, 8B, 71, 10, 48, 8B, 49, 08, 65, 48, 8B, 3C, 25, 30, 00, 00, 00, C7, 47, 68, 00, 00, 00, 00, 48, 81, EC, 80, 00, 00, 00, 83, F9, 04, 7E, 11, 83, F9, 10, 7E, 02, CD, 03, 48, 89, E7, FC, F3, 48, A5, 48, 89, E6, 48, 8B, 0E, 48, 8B, 56, 08, 4C, 8B, 46, 10, 4C, 8B, 4E, 18, FF, D0, 48, 81, C4, 80, 00, 00... 
[+]

Entropy:

5.3286

Code size:

5.7 MB (6,024,704 bytes)

The file kaspersky_t1654431178144648t_.exe has been seen being distributed by the following 50 URLs.

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../ESET_T10204459066315738T_.exe

https://scontent-ord1-1.xx.fbcdn.net/t39.2507-6/.../Trendmicro_T590626214435890T_.exe

https://scontent-mad1-1.xx.fbcdn.net/hphotos-xal1/t39.2507-6/.../Fsecure_T1101176309942031T_.exe

https://scontent-fra3-1.xx.fbcdn.net/t39.2507-6/.../Trendmicro_T839460089493041T_.exe

https://scontent-waw1-1.xx.fbcdn.net/t39.2507-6/.../Fsecure_T863820577079961T_.exe

https://scontent-cdg2-1.xx.fbcdn.net/hphotos-xaf1/t39.2507-6/.../ESET_T1555706278077055T_.exe

https://scontent-ams2-1.xx.fbcdn.net/hphotos-xat1/t39.2507-6/.../ESET_T1226459840701662T_.exe

https://scontent.fwaw3-1.fna.fbcdn.net/hphotos-xal1/t39.2507-6/.../ESET_T1742227349329450T_.exe

https://scontent-mia1-1.xx.fbcdn.net/hphotos-xal1/t39.2507-6/.../Fsecure_T515887368594954T_.exe

https://scontent-frt3-1.xx.fbcdn.net/hphotos-xal1/t39.2507-6/.../ESET_T10205956650704209T_.exe

https://scontent-gru2-1.xx.fbcdn.net/t39.2507-6/.../Trendmicro_T1041216119287166T_.exe

https://scontent-arn2-1.xx.fbcdn.net/t39.2507-6/.../Fsecure_T489421641254924T_.exe

https://scontent-mxp1-1.xx.fbcdn.net/hphotos-xal1/t39.2507-6/.../Trendmicro_T10209458013989549T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../Fsecure_T10204488945344206T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../ESET_T187149825004103T_.exe

https://scontent-ams3-1.xx.fbcdn.net/hphotos-xal1/t39.2507-6/.../Trendmicro_T1060329704033964T_.exe

https://scontent-mxp1-1.xx.fbcdn.net/t39.2507-6/.../Trendmicro_T1154717647903923T_.exe

https://scontent-cdg2-1.xx.fbcdn.net/hphotos-xaf1/t39.2507-6/.../Fsecure_T10205738042825742T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../ESET_T1139707286053177T_.exe

https://scontent-amt2-1.xx.fbcdn.net/t39.2507-6/.../Fsecure_T928402163984075T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../Kaspersky_T849107781882416T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../Trendmicro_T1854726638087421T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../ESET_T852179054911251T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xal1/t39.2507-6/.../ESET_T960044424073355T_.exe

https://fbcdn-dragon-a.akamaihd.net/hphotos-ak-xaf1/t39.2507-6/.../Fsecure_T1674750356147855T_.exe

https://scontent-cdg2-1.xx.fbcdn.net/hphotos-xat1/t39.2507-6/.../ESET_T1725003591061976T_.exe

https://scontent-lga3-1.xx.fbcdn.net/hphotos-xal1/t39.2507-6/.../Kaspersky_T1206069016084279T_.exe

https://scontent-bru2-1.xx.fbcdn.net/t39.2507-6/.../Kaspersky_T1178303105515891T_.exe

https://scontent-sjc2-1.xx.fbcdn.net/t39.2507-6/.../Trendmicro_T524387487764191T_.exe

https://scontent-mxp1-1.xx.fbcdn.net/t39.2507-6/.../Kaspersky_T240112136348697T_.exe

Latest 30 of 13,368 download URLs

Scan kaspersky_t1654431178144648t_.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.