home

mybackpack1.1.exe

MD5:
82940304d2399434cbf48a50be9dca2e

SHA-1:
2199a98e1b3e23700b48936477c7b7f2ba8825ec

SHA-256:
04ef907a3b400a184cb0ba25aac49e61cbd59638e6ff174c1c901f840aa7bf10

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/12/2025 10:58:44 PM UTC  (today)

File size:
6.4 MB (6,693,888 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:dQZEwkYvDU4ppuzDc0UuCppuzDc0a766L1ppuzDc0GLppuzDc0DppuzDc0bppuzF:dQqwpQKc4ce1JcMLcRcdc

Entry address:
0x7367C

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 2C, 34, 47, 00, E8, A3, 30, F9, FF, 8B, 1D, 40, 58, 47, 00, 8B, 03, E8, FA, 09, FE, FF, 8B, 0D, 28, 59, 47, 00, 8B, 03, 8B, 15, 24, 24, 47, 00, E8, FF, 09, FE, FF, 8B, 0D, 60, 59, 47, 00, 8B, 03, 8B, 15, 08, ED, 46, 00, E8, EC, 09, FE, FF, 8B, 0D, FC, 57, 47, 00, 8B, 03, 8B, 15, 34, E6, 46, 00, E8, D9, 09, FE, FF, 8B, 0D, 0C, 57, 47, 00, 8B, 03, 8B, 15, 8C, 1F, 47, 00, E8, C6, 09, FE, FF, 8B, 0D, AC, 58, 47, 00, 8B, 03, 8B, 15, F8, E7, 46, 00, E8, B3, 09, FE, FF, 8B, 0D, 58...
 
[+]

Entropy:
6.3149

Developed / compiled with:
Microsoft Visual C++

Code size:
458 KB (468,992 bytes)

The file mybackpack1.1.exe has been seen being distributed by the following 5 URLs.

https://mega.nz/temporary/.../TgpSzDjC

https://mega.nz/persistent/.../TgpSzDjC

https://doc-0o-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/na3fvabbu0sel52m7ac233va5hcmdl84/1466827200000/05369434000265396405/.../0B8OAsQz5Vuc4N2RmOTY1ZWUtNzRmOC00NzY4LWFkMGYtYWU2NmYxYzU3NmRk?e=download

https://doc-0o-04-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7kh9hqhb4vadkjehvau7jcecv4ajrtg2/1461708000000/05369434000265396405/.../0B8OAsQz5Vuc4N2RmOTY1ZWUtNzRmOC00NzY4LWFkMGYtYWU2NmYxYzU3NmRk?e=download

https://docs.google.com/uc?id=0B8OAsQz5Vuc4N2RmOTY1ZWUtNzRmOC00NzY4LWFkMGYtYWU2NmYxYzU3NmRk&export=download&hl=en

Scan mybackpack1.1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.