KillBox.exe

Killbox

Option^Explicit Software vbtechcd@gmail.com

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler triggered by a time event. The file has been seen being downloaded from download823.mediafire.com and multiple other hosts.
Publisher:
Option^Explicit Software vbtechcd@gmail.com

Product:
Killbox

Description:
Process & File Killer

Version:
2.00.0881

MD5:
32cabb7112e22422075279bae1bf729b

SHA-1:
5035b4bc189d79c4573032b5d45b53114aa7d142

SHA-256:
ff6b75d04c96673089d9999dc504b2e4696264b56be8fec9e8d3155fd905c9b9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/24/2024 12:38:47 PM UTC  (today)

Scan engine
Detection
Engine version

ViRobot
JS.A.Iframe.92672
2011.4.7.4223

File size:
90.5 KB (92,672 bytes)

Product version:
2.00.0881

Copyright:
Freeware

Original file name:
KillBox.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\syswow64\killbox.exe

File PE Metadata
Compilation timestamp:
5/17/2006 8:05:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:rkcvYofMPh782V7ZFcZ7lYHrdntK8gfXK/Y0iaM+YtIDCJak0k2WDnW5ZEOAdX5j:rkRo0PxV7jcZ7yHrdtK8gfK/Y0+zJQS/

Entry address:
0x519C0

Entry point:
60, BE, 00, C0, 43, 00, 8D, BE, 00, 50, FC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11...
 
[+]

Code size:
88 KB (90,112 bytes)

Scheduled Task
Task name:
At1

Trigger:
Time


The file KillBox.exe has been seen being distributed by the following 49 URLs.

http://download823.mediafire.com/te2t0teqhhbg/.../KillBox.exe

http://dw.uptodown.com/dwn/dfFLfjLM4gFQyNi8iMgW2ROCWoslqJuSS0hPHomZNwYL32Fpdx4mcG9kOz5URuEasXsQ4KasZf-5V3AhJN8Ck-8lQ3rXwPF6avFBZyvKn47bjqCTbNSSFdhGfVKDs7CD/x5xDa5zqLdB55pt4JHxJKPoHE6UKUElUAAWJzbO2JGfp5wP7b9BQtrcfcBLU0FcfrSeGy9DUboOcVt7JI_TIyS1k3u46R082RtSOFvZjeEfTkjO3NpjPBhqsXH0aTOt5/f69ybYW3Xuh-YixVlgLieHSK-I_h8pkoVPag6gcxkKfSVJdT1H8S0vAIZ3wWq5nzwj2lpFDcboB-nqVmnA9fKLNLn9SeccNzjlQdCHxdquGyqGnM1SIBn5QDcf-XcGvy/.../

http://dw.uptodown.com/dwn/UslaYiMwLUEgwQP7-cM6HTgDSmrGdY_cvW6lSFEMTYGcJHzBHIeG-n6xlsT8ihbkqopYbtzDudrUxqN0DLx1CYFNXvEXUgpRMzgUsGkNxZRB7_N5gFvbxlDxa_6V7ugC/5pCGG6YT80Fhy4yhp_-ARLtgqOi9-toGRpkUCE2dB2G7zHoRQsMLl36DRiDu8ArM9U6UwOeObbT9tYGJL6dgNhlwSU9CSiotIZEaHggTrvx6v3DRUpKeigEJV46ADg3E/.../

https://dw.uptodown.com/dwn/Mln569sRUC0ZPaOksxOq1dBvpbxYJjBv-OXbv_kvtCHLFgndC_Ogl3rwQbxZf-C2nFZtFrqBDwLygGQiP7C9kiIQTBqhbGtEA22Weem4dbmNQsJvJ9pwFEcJ9LLG3nAG/9wlCX3D4iK19b8ppjYYcbAtqcuO77JDxP9Orfr0CWeaSjjUyCgwJH_puedeb_pm3tnYAEDvdHr9AxUYDCWptYNYlheZ8FGF1NB22vKmYXFExzXPKpEZFyEdVLBaeD-Jc/S8VY8SxYmUMEBPDMfB3TuzTS6WnfMfa5wf5kSXss9FpS2x8KQTmroOz0kwTqBvBsrRcWtZv6gfjbGOnWK_q4u4XD9-q4q6xaWLxiMyHMbfsHGk1jqGfUfspEDAk7vznC/.../

http://dw.uptodown.com/dwn/57fCcdd2_3aS_u5ipOAu7t0nTw-yleDfPZJjb9KVtCgrozfUOSIS8pJeB_ya55qavFX3VLta3b4QgMQSW4mm04x8bPyzuaCWr8WDSEd2wH7y7dAIwQdqvC-lyFX7KtmO/A9gC5YvEi5v8tc6zfsp9jt2Uu6zETziOwjRK9u_h5S76ToR-1BddlIaIROnQyulvof7q1LsHm6YHOyaV09Zdc-k_MsEngUiBiB1pW3HIHMgtrrZTptaF3tnsfBLStgVN/.../

https://dw.uptodown.com/dwn/eBGUixtOnIIbvKnjTlHKMi9iYmSuIadbdq3dWDhafEoLU5v5snMeSXxhlzUX90j4BOLjSm-wDJ6q1FUz85uTn8fitNeLfs44I3i0fSvLLJGfYL05Q6Lwg1aOF5aqoHEl/o4A9wp6_-nAupkYspPhGHKrKaU41Jm39yQgRQURxAcav-HvdfGwSc_3VeBWXweQ1JGWlTErhsEROfQrEQ_spfJfMpfZQyjTb0BuGjuCPtJq8t1g0q2JfAW7_DkjFZKeA/sWKkf3b9M1quCByGF60uZWlrzcjiYhwX5n_hpYNI_eECz96RC5LwIsHmgDr7pxlg_cTEenKb2LUYWWENxsZ-0BfbQMBIRKspPWoa6rRJS2Lkt0tct83QkDYbIaqbLOMN/.../

https://dw.uptodown.com/dwn/nCVbudeQJbL7yhIfOM3-b50bZ9kE4WLBVujO6JLeCkFVQLHYTNDNyrpclKKhKwPT15r8aR4hHzxiIFAX7yXhN2zMuCA1flAQzvkl-w7O8b7TwRiKg_s1ctFsDqieFZNW/qpuRHm-l8lm5_HMtH3Pqcbt05ypVjAcPuPGPN-k-WKoKXJ1xlcj5X03uZtbkBDnU1XN6f_hVvfd9KsYFIvJqwE3ifvka_cgmbUF2gI_92VOuZI0-ig8_9SWEPC8yCllM/V-9QXNNS7TfRhXAMyPa3EkOg8arS9hJwENTYE4EHJjmDkctjIQK5xW0GBeWq9uQiDa_KWifyyLLt0wqKSVU_1JYSfTWiiPXaf9fuSVYeHPgs2Ys9BQqXr9XxwHlduI4H/.../

http://dw.uptodown.com/dl/1438125613/.../killbox-2-0-0-881-en-win.exe

https://dw.uptodown.com/dwn/z_f8ukklYUlnjoG9cTzlQselzoumLDb3FW_gwIpLkSn0K1xTVQsMIEwvERKjic9mIGdinBd5gnWxG1kJmXlsFJSHUvN5wCGRXzftr8uTpi96KnI2GVF3mkHdFHHeiH69/RZR11pWGVSG-833EaVSdCMsLPxJqJXFrhudpbQBvTusvV-JmHlwH5gVna0PJPokYYpqHzDQMLYFQq6BoDFyMfBf8J4RvA2YKMpE32ke5v63oKNNeVJipg2F3aP1qstu-/yN6QFXi4yIbnGo-vAv07v9eSU5iznlPDMFh06mVgu1LTmVHClWp_qIG59xcFbd_Zo35CPbkw0IGoJodETiWUEezLtdiRh-NWl8Yqvzxb72y233Awvq4LOW6E9qR2UdyK/.../

http://dw.uptodown.com/dwn/229ssYONiKbnp1igdwTyyqLqyR8rYw3BAfALBhcwaBol8E16Amgfky0cfAmz9ZAODdCzMIcrGMtUUl7fDHRUO6fh9SKEwExqE6KGvSDyqsHI9W1fnaMgGsguIWm8827O/6xRp_vEwtqbA_YaG2P-Z4EuKUswPZuU8EEYI-49z8NGtvxyOE77FR4OB5lfUKKfoRyqwiIwJphVD8gNOyTb2nEExKUziYWZ-FJYOLryIPhJIduF7OyjqGpw_vmoUB8KK/.../

http://dw.en.uptodown.com/dl/1447521093/.../killbox-2-0-0-881-en-win.exe

http://gsf-cf.softonic.com/503/5b4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=46370&instance=softonic_es&type=PROGRAM&Expires=1460419160&Signature=WwdEAOcwB5mAKtrdEbkX9a-umuoFc2uxvgnZpDXRV4Pxd2nE6~tkN9IDupp-oOnUDj91KzPfqwf-b77uT-lhCybm~0tOK3xDakfcXuz-KgsbpuSE7khn1fV~mXGNIMXpq3z6iaZojf0pnhvdLgV-fw3WdQq01DxD-Vm1PpopfX4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=KillBox.exe

http://dw.uptodown.com/dwn/ijQpv4pJLlCo4J7fqmi-0nU2vnaof7irmCuexCgz4QI5Px2vV2tgFOs5EVAarcsQfPjzars_y5iu-qnOoYEYmaDFw2N_c1KRAjUXnDpuh1lhGaWE84yiotqAehSALMWI/1hRz_gbGGF7R4YestXDL0DQMnnGYavs0tEsIWYnSmPBBXofrdLAcC9qRWqHLMaADrOeZSnbExB98s-kbaSLqdhFrZZ_s4xQd3eTG1mviKrSbQt2ViffrVj9gpinsBnYj/.../

http://gsf-cf.softonic.com/503/5b4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=46370&instance=softonic_es&type=PROGRAM&Expires=1480747008&Signature=hD4pzSzMmu~tqo0nEEUGVi7mCiwrF~f~Yxx4v-dBGxiwKeSXPcPYDC3EOHByy~FM66jIOA~DS9QC8nHBlt0RCY0S0y6wpTPibzCrVgmVpX9wURsnwgFSrb6WfrFKJ7aiQ-ok-wfWTTsfsnBWcHNhMp68YKUkkQFW5kzS7Q-WIhs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=KillBox.exe

http://dw.uptodown.com/dwn/9A6nZaEuWFhdmYugOMRw25Llqfr9egtj5pqAYYLtTPJmKIQl-sIFp7H2lwSCL_lyIZBY01yjI4apkgDnIQQ2PEuDDQx6hlMpvjTo15IYfxZPNeyrXMXXVVxbcod7Ozyi/9MRrdGbF3acPxfyq6XmauFcPYhrNng0rbrryRRcXaLBroxWvvSX8jQBlQ-Mx28OZgVJN21yLnYLYeW6XhCHQPrr_HlmvLX4jnvaDEbS3_cjPCYMDvrGjHj-khGv9pLrm/57CudHmhGNwanXS3lDGLJUR0ymiJLMvkJpag-rvEHnlGGN-X4p3xMEXpdbZIDaL4GC5FsWS9meYqHhWDSbvVT7p0wBIX23FCDMG-S7EWTpJ2NNCT46g1fifCfYvHSown/.../

http://dw.uptodown.com/dwn/08r41Rd9vvFkNpKpRCatqHfR57RvFYHNi7O7tbvJlR0g83sbI1XFJN1AQAE_S-cD_5gR7y4LS_cuFGlVPJnL3pfNyWejqn3-_lpQdkbPRvUUSKsfU9k7vDxHBASc17cr/ruVuiyEXMDFHiOgl5OgESlalJEkU1PfW6KAibqDnrsOghiX8TesDQ7HZvGa9KjAaUrNo86RVxaioPnTGk2aDcFNXyPOSUGf7ixv5tv3H7nP6753ga06VfF1mVQ4jiMNh/.../

https://dw.uptodown.com/dwn/0WIKbWoM9q6igFxfdJXnE-4JJHQ0Vpe49qviBMhGM1ePLgNMGqdjCcL7vuESJ5G4Kc_9fHZc30XwK1Y9Z7-yy5Dp_TZI0VI8Vdu0I5FSE0fS8lDTSRMH_Zwxr7AxL7VH/LBfJHsPui5A1HBmnFzghDaVttiWBt-UhXqXbO1mPl120TNpMGbIFKOIq7EY2V15cy-wgS4HKTzWZPCUWLj23zCzOexXLfXBU6IN8y7IbSGXw-BGFez3iIZ2zru9B-Qeu/yO-THg1gTZiFw7sHGKsGOKBnfuozZrlIeAJ0Uis0wmJ15kSPjCYUxfKB8drAzQFc_0o27GDm_iOSlZPayb_bGxad0y5hGKXDX-p06Qk0vhNxPywrI1V83AJOVulmCqLs/.../

https://dw.uptodown.com/dwn/IqpJisis8UYb5keuG_w4xyNXYa7XUpOdOjK9JF0Xveop9LrexwuW67fU5oQL3nFDM0CBnC-CyhSd9aqOrFpkhsbH_s5fOuBQ8amQxDAxFLV-KeoDnNDFXZXwDwbcqa4w/JbNBqonLUf13yuG1st1hxjIq1w3AeGUWLVy8w4i_EHwzykK-TkPp1aCb4jhiK8GEyYhUJgkD0Ov-qfVfer7uX_57Xz1YXWfXKeoi6k2-ZzRG6_ieKbQkynLrXzPkM5qG/SnKffTsm6ncYehnC_cv5ks12MGqx1-jk_y4huAEB7kqyCvurArkmf0jB8y2Id3NbgQPtRgyWpGTjIsI8jKemeRv4OT02FfAW68cxQTfIV2gtHRmmMU2Vh_QwVgWJ57Fk/.../

https://dw.uptodown.com/dwn/2gYQ8spAcFHyltnZ_YI9bpgTiEGgYfFwwyOMUTsJLiPrrBdPkbFvDaN7byW50X5X3XzEER2xptCStfBzvE8CnOVyV6DobnoKpA4qZ75V6uZnhkSOzSRNNeSwjKxnRqz9/mSStnYrMa1L4Wg7jLXmErZqvOfJxlA0beY812F_5wMCfbU5dYaIpc53Cp-CE2uvh-a58-yagSCuD1hlT7MyF7NTvoagFxPE8BfKJ0-ZnKmwd0WTU6iUwtrRkcGFoRLYe/zh5WSD0x7HHif0v5gGgz_hguuRGWHO6kVnYTaCBtOIPdqawnPDuAXQlqsBc2Q5CTO_0oGfIH6NdTztS6AMLQD-eALk8z09WdJMnP1aUuAYfdwmUSRo9ueQEhGu6dmsib/.../

Latest 30 of 49 download URLs

Scan KillBox.exe - Powered by Reason Core Security