megaminerpro_install.exe

Megaminer LTD

This is a self-extracting archive and installer. The file has been seen being downloaded from cloclo18.cldmail.ru and multiple other hosts.
Publisher:
Megaminer LTD

Description:
MegaMiner PRO 1.00 Installation

Version:
1.00

MD5:
1ada35cdff47fab300fda41d14180ed0

SHA-1:
b97a9843eda040bd668392abf735c8526db4dd2c

SHA-256:
74a51fd05a96a71b09570b7e98566677d41c204131c1a814d698c61a47ff0bea

Scanner detections:
3 / 68

Status:
Clean (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/5/2024 7:29:40 AM UTC

Scan engine             Detection                Engine version
AegisLab AV Signature   HackTool.W32.Nice.llE7   2.1.4+
Qihoo 360 Security      QVM05.1.Malware.Gen      1.0.0.1120
Total Defense           Win32/Jorik.KJ           37.1.62.1

File size:
869.3 KB (890,134 bytes)

Copyright:
Megaminer LTD

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\megaminerpro_install.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:TX48QE+UGFJeUaTMoUIijnfa/48zLY+rPZm:TXz+0UyMot44N/Q

Entry address:
0x25468

Entry point:
55, 8B, EC, 83, C4, F0, B8, 88, 53, 42, 00, E8, 24, F2, FD, FF, B8, C8, 54, 42, 00, E8, 2A, 1C, FE, FF, 8B, 15, 40, 88, 42, 00, 89, 02, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, 48, 88, 42, 00, E8, E4, D3, FF, FF, 8B, 15, 40, 88, 42, 00, 8B, 12, A1, DC, 87, 42, 00, E8, 7A, 64, FF, FF, A1, 40, 88, 42, 00, E8, AC, 4E, FE, FF, E8, DF, E0, FD, FF, 00, 00, 00, FF, FF, FF, FF, 01, 00, 00, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
145.5 KB (148,992 bytes)

The file megaminerpro_install.exe has been seen being distributed by the following 5 URLs.

https://cloclo18.cldmail.ru/SpjJ8URQG5JXCNkDm7V/G/.../bKtB1W5s8?key=aa7f41edbe3956a6368c0379e27d651b409ccd7a

https://cloclo15.cldmail.ru/Rvc8JsvvtCSmATZZufQ/G/.../kQmnmb3xY?key=24f62907a5180f4d9248c044e29163c878c4d629
