mali - zdes ispolnyaet mechty lucky agency zaycev net.exe

Mobilnye Proekty , Ooo

The application mali - zdes ispolnyaet mechty lucky agency zaycev net.exe by Mobilnye Proekty , Ooo has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from forces.kubaniniman.ru.

Publisher:
Mobilnye Proekty , Ooo  (signed and verified)

MD5:
2841bdc5e99b0a3bff738652acf49eec

SHA-1:
2413ea87c614a529849c62c065228ee696d84cce

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/27/2024 11:31:27 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.10.7.13

File size:
481.9 KB (493,464 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\mali - zdes ispolnyaet mechty lucky agency zaycev net.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/21/2014 3:00:00 AM

Valid to:
5/22/2015 2:59:59 AM

Subject:
CN="Mobilnye Proekty , Ooo", O="Mobilnye Proekty , Ooo", STREET="Tymenskaya 5, bld. 1", L=Moscow, S=Moscow region, PostalCode=107370, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D812EDF6481CAD30D5A8D2B9E47437D4

File PE Metadata
Compilation timestamp:
5/31/2014 11:05:44 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
27.26

CTPH (ssdeep):
12288:o7WWlglkORtGIShdEptF5V8a5ulA2yTyIesDwC:oNC6WtGISfpQulvyTQscC

Entry address:
0x997C

Entry point:
2B, 1D, 8E, E8, 40, 00, BD, D9, ED, 0E, 8B, 1D, 86, 70, 3B, 82, 19, D2, F5, 81, E5, 54, FB, 94, 0A, 90, 33, 2D, 66, 96, 44, 00, C1, E5, 16, D1, F9, 23, 6C, 24, FC, 13, 2C, 24, 45, 39, D4, 1B, 6C, 24, 14, C1, D5, 1E, 93, 8B, 4C, 24, 10, C1, C3, 14, C1, C7, 0C, F7, 44, 24, F4, 4E, 84, 76, 26, C1, E2, 17, F7, D1, C1, E2, 18, C1, E6, 0C, C1, FA, 1F, C1, FE, 17, C1, D1, 19, 43, 19, F7, C1, DB, 06, 1B, 54, 24, F8, 85, DA, 13, 35, 07, 4C, 40, 00, F7, D5, F5, 11, FD, FD, C1, C3, 19, 90, 81, CA, A6, C4, 6E, B0, F7...
Entropy:
6.2778

Code size:
398.5 KB (408,064 bytes)

The file mali - zdes ispolnyaet mechty lucky agency zaycev net.exe has been seen being distributed by the following URL.

http://forces.kubaniniman.ru/MjU1NTtodHRwJTNBJTJGJTJGZGwuemF5Y2V2Lm5ldCUyRjBhYWYxNGUzLWYzZmMtNDFmZS1iN2ZkLWZjOTRmOTI4MmQyMCUyRjI5NDk5JTJGMjk0OTkxOSUyRm1hbGlfLV96ZGVzX2lzcG9sbnlhZXRfbWVjaHR5X2x1Y2t5X2FnZW5jeV8lMjh6YXljZXYubmV0JTI5Lm1wMztuYW1lPW1hbGlfLV96ZGVzX2lzcG9sbnlhZXRfbWVjaHR5X2x1Y2t5X2FnZW5jeV8oemF5Y2V2Lm5ldCkubXAzO3NpemU9ODU2Njg2Njt0eXBlPWF1ZGlv