» leander.(v2.5)(travellers.tales)(+t)-thecompany.exe
Overview
Analysis
File Details
Downloads (1)

leander.(v2.5)(travellers.tales)(+t)-thecompany.exe

The executable leander.(v2.5)(travellers.tales)(+t)-thecompany.exe has been detected as malware by 5 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from thecompany.pl.

File name:

MD5:

f7f8bda633c10bfe1c46679960621e6e

SHA-1:

b5e39224e6e819a7b3c4797e573a4d06f34ba4f6

SHA-256:

8abd7a5b818117572df1cc85fa1337cca0bb9a1ef86c7a5b6d62b9d5d537fb17

Scanner detections:

5 / 68

Status:

Malware

Analysis date:

12/28/2024 12:08:14 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Crypt3

2017.0.2710

Comodo Security

UnclassifiedMalware

20595

ESET NOD32

Win32/Kryptik.BUQX (variant)

10.10963

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.8.5.0

Qihoo 360 Security

Win32/Trojan.f99

1.0.0.1015

File size:

4.9 MB (5,125,851 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\leander.(v2.5)(travellers.tales)(+t)-thecompany.exe

File PE Metadata

Compilation timestamp:

9/16/2012 2:19:45 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

98304:h5f7znSWmJlsIGxzyYEkxGk6OaD5AKrmMS2pxD7knfme:7PSWYszxmvk6Og2R2pteb

Entry address:

0x403B

Entry point:

55, 8B, EC, 83, E4, F8, 81, EC, 1C, 09, 00, 00, 53, 56, 57, E8, 86, FB, FF, FF, 8B, 35, 0C, E0, 43, 00, FF, D6, 83, E0, 11, 3D, 11, 01, 00, 00, 0F, 84, 26, 04, 00, 00, FF, D6, 8B, 5C, 24, 28, A3, 0C, 50, 40, 00, E8, 55, FC, FF, FF, 8B, C8, 2B, 0D, 0C, 50, 40, 00, 6A, 03, 33, D2, 8B, C1, 5E, F7, F6, F7, C1, 00, 80, FF, FF, 0F, 85, 86, 02, 00, 00, 33, C0, 33, FF, 89, BC, 24, 24, 09, 00, 00, 66, 89, 84, 24, 10, 05, 00, 00, 89, BC, 24, 0C, 05, 00, 00, 66, 89, 84, 24, F8, 00, 00, 00, E8, 11, FC, FF, FF, 8B, C8... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

16 KB (16,384 bytes)

The file leander.(v2.5)(travellers.tales)(+t)-thecompany.exe has been seen being distributed by the following URL.

http://thecompany.pl/download/.../1

Remove leander.(v2.5)(travellers.tales)(+t)-thecompany.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.