metin2mod_pl_15062016.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from am4-r1f1-stor04.uploaded.net.
MD5:
e499844d147f7a37e91e240cebc9c53d

SHA-1:
667284b0475853e97096406779f99032b5c74576

SHA-256:
e3d203166614b25a2f6f2476a2d28343e675eab22fe89ad87a80152165b6a70d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 6:04:59 PM UTC  (today)

File size:
10.5 MB (11,014,465 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\metin2mod_pl_15062016.exe

File PE Metadata
Compilation timestamp:
2/3/2016 9:38:25 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:KeSOQu9MlUdpRFo0+XEh6idAuMd5gD1bLdd7GVF6nNCdR0Lrz+UyvQyZLoKD:cOQu9MlUjsmpMdGD1bLuVF6nNCdS07EO

Entry address:
0x1E64B

Entry point:
02, E3, 8D, 0D, 98, C3, FB, AB, 8B, DE, F3, 81, E1, 4A, 32, 35, F9, BD, B2, 17, 39, 68, 8B, DE, 85, C6, 74, 03, 48, 86, ED, FF, CA, 81, FE, FD, 41, 00, 00, 0F, B6, CB, 0C, 78, 81, F7, 4F, 31, 60, AF, F6, C7, 05, 69, CB, 60, F8, 69, D3, 88, E3, F6, C7, 86, E8, 37, 00, 00, 00, 28, C4, 8B, D2, F7, C7, D8, 5D, F7, 0B, 73, 08, 0F, AF, CB, 0F, AF, E8, FE, CC, 01, C8, 32, E5, 8B, F7, 8B, F8, 69, CB, DD, 51, 69, 93, 8D, 05, 99, 64, C5, AE, 34, AB, 33, DB, 81, D8, AB, EF, 24, EF, 8D, 1F, FE, C6, 46, 0F, B7, D9, 0F...
 
[+]

Entropy:
7.9959  (probably packed)

Code size:
166 KB (169,984 bytes)

The file metin2mod_pl_15062016.exe has been seen being distributed by the following URL.

Scan metin2mod_pl_15062016.exe - Powered by Reason Core Security