mod_id512_mod.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from mododrom.ru and multiple other hosts a known adware distribution point operated by SIEN S.A..
MD5:
1336cabdf9a92eea16a94a0b3406b09c

SHA-1:
23ef350d34b343347e18c5eedf272cbd3a381edb

SHA-256:
94f7100da6a61aa6bde0afa199c01930fa72abee4bfa04b6526b047628eb3381

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 11:58:21 AM UTC  (today)

File size:
323.5 KB (331,264 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mod_id512_mod.exe

File PE Metadata
Compilation timestamp:
3/6/2016 6:17:17 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:VRoWsO1sfiiBjhFr4PzMulcRNX3ie0bL4gbQYrCoqFKukGgzS8s0xetM/oWs:nsfRB7r4PmR8J/bQYrCdGlO0

Entry address:
0x3E86

Entry point:
FF, 25, 28, 40, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
12 KB (12,288 bytes)

The file mod_id512_mod.exe has been seen being distributed by the following 6 URLs.

Scan mod_id512_mod.exe - Powered by Reason Core Security