leveledit v2.exe

The executable leveledit v2.exe has been detected as malware by 4 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download1210.mediafire.com and multiple other hosts.
MD5:
5aff31715ec9e1043f37d3a1eba0e859

SHA-1:
5a6b7227cd86f909f85570391a02ba863087b85a

SHA-256:
5e50f587c7e4ad370d58e6504a3d6eebcca496e81739d2b7a4d616d777753e27

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/23/2024 7:51:19 PM UTC

Scan engine           Detection                     Engine version
Avira AntiVirus       TR/Dropper.Gen                8.3.2.4
Dr.Web                Trojan.MulDrop6.16707         9.0.1.05190
Qihoo 360 Security    HEUR/QVM01.1.Malware.Gen      1.0.0.1077
Rising Antivirus      PE:Spyware.Gen2!6.10EE [F]    23.00.65.151220

File size:
832.5 KB (852,480 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\leveledit v2.exe

File PE Metadata
Compilation timestamp:
12/8/2015 12:10:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.22

CTPH (ssdeep):
12288:dJNaDbJiFNAcHOZq9JVqJ1q9BLxrLA+Gvq/BmwTqK0S:taDlirAcHOZq9JVqJYBJLA+iq/XT/H

Entry address:
0x1280

Entry point:
83, EC, 1C, C7, 04, 24, 01, 00, 00, 00, FF, 15, F0, E2, 47, 00, E8, 6B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, 83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, F0, E2, 47, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, 18, E3, 47, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, 0C, E3, 47, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 8B, 0D, 54, D2, 46, 00, 85, C9, 74, 38, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, E0, 46, 00, E8, 08, F1, 01, 00, 52, 85, C0, 74...
 

Code size:
432 KB (442,368 bytes)

The file leveledit v2.exe has been seen being distributed by the following 14 URLs.

