home

mod_id544_mod.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from mododrom.ru a known adware distribution point operated by SIEN S.A..
MD5:
257256ac9cf806848bee3ee4af205cfb

SHA-1:
3f8200dc692f2578ed45fdfc550487140c6709cf

SHA-256:
c56ecfb66a32406f752731f78deb8b0ccd68210dc6169251fd2c3a9fd972c81b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 6:01:07 AM UTC  (today)

File size:
316.3 KB (323,902 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\mod_id544_mod.exe

File PE Metadata
Compilation timestamp:
3/18/2016 2:56:33 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:0VEoWsO1sfiiBjhFr4PzMulwRNX3ie0bL4gbQYrCoqFKukagw8sdHhtjPoWe:0msfRB7r4PKR8J/bQYrCdGRAdg

Entry address:
0x3EA6

Entry point:
FF, 25, 28, 40, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Code size:
12 KB (12,288 bytes)

The file mod_id544_mod.exe has been seen being distributed by the following URL.

http://mododrom.ru/.../downloadfile.php?file=MoD_id544_mod

Scan mod_id544_mod.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.