kyng_multiloader_v1_41.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from fs05n5.sendspace.com and multiple other hosts.
Version:
1.4.1.0

MD5:
6ecd9b1596f6113cd4491bbb59232a68

SHA-1:
7c72f03228946e36f62fd170d05e1efda3062278

SHA-256:
0b70f7840f0214cb5b2a2bb8a6095cbcec671ddb0c82040121556554475eb360

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 9:46:02 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V1216
7.2.90

File size:
546.5 KB (559,616 bytes)

Product version:
1.4.1.0

File type:
Executable application (Win32 EXE)

Language:
Arabe (Algérie)

File PE Metadata
Compilation timestamp:
6/3/2009 3:06:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
12288:RyEjBRKUTa3deLz7R3RHBjFXhk+uiEqQIoS:RyoDTaULzbHruiE7

Entry address:
0x1E2100

Entry point:
60, BE, 00, 10, 56, 00, 8D, BE, 00, 00, EA, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, EC, 0D, 1E, 00, 57, 83, C3, 04, 53, 68, F1, 10, 08, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
520 KB (532,480 bytes)

The file kyng_multiloader_v1_41.exe has been discovered within the following program.

DiRT 3  by Codemasters
Dirt 3 is a popular rally racing game that combines the feel of fast-paced arcade style racing action across multiple surfaces and environments with realistic features found on real off-road circuits.
www.codemasters.com/games/?gameid=3240
12% remove it
 
Powered by Should I Remove It?

The file kyng_multiloader_v1_41.exe has been seen being distributed by the following 8 URLs.

https://fs05n5.sendspace.com/dl/767f4abefab4e99a10e45271b1384605/56e9b50e2569c0a5/.../KYNG_MultiLoader_V1_41.exe

https://fs11n2.sendspace.com/dl/947a59e6a6b37f852355d22346de07e2/57c47b5d6735b2f6/.../KYNG_MultiLoader_V1_41.exe

https://fs05n4.sendspace.com/dl/434bdd5f06fa429f4440a5ec5a526af5/56e9aa9626c4d0ba/.../KYNG_MultiLoader_V1_41.exe

https://fs05n5.sendspace.com/dl/887c280f5c71f0210b4c944b3dd45797/56eb054c1a126d24/.../KYNG_MultiLoader_V1_41.exe

https://fs05n1.sendspace.com/dl/212fc132ad320b4453d38d649a835e57/579cc7581bdb2e1b/.../KYNG_MultiLoader_V1_41.exe

Scan kyng_multiloader_v1_41.exe - Powered by Reason Core Security