home

nomedoarquivo.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from lo4.get4mobile.net and multiple other hosts.
MD5:
d6de37a5586ed413b6564e02f35ae770

SHA-1:
e4f7239939cd88a904fa57a740c4cf6a7e92a82e

SHA-256:
2f106cd2006b9c75f2f3a2257250930ee230ae92d0cf9c70304fbca8f92c7621

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 9:41:55 AM UTC  (today)

File size:
10.3 MB (10,850,748 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\nomedoarquivo.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
196608:VXChun+DjS/jM6ICsQCXs1KBkzbJzd5aIO9t29MmhwM1joZFxdd10tXBs:Vyhu+DjH6XsQCc1IGDUt29IM1uLOtXO

Entry point:
50, 4B, 03, 04, 14, 00, 08, 08, 08, 00, 2A, 65, 9C, 43, E4, 3C, F8, 77, 0D, 09, 00, 00, 65, 17, 00, 00, 14, 00, 04, 00, 4D, 45, 54, 41, 2D, 49, 4E, 46, 2F, 4D, 41, 4E, 49, 46, 45, 53, 54, 2E, 4D, 46, FE, CA, 00, 00, AD, 58, C9, 8E, E2, 5A, 12, DD, 97, 54, FF, 50, CB, 6E, A1, C4, 06, 0C, 36, 25, BD, 85, E7, 01, 0F, 78, C2, 98, 4D, EA, E2, 79, 9E, B1, CD, D7, 37, 99, 55, 52, BF, 22, 0D, 95, AF, BB, 36, 58, 5C, C9, C7, E1, 88, 38, 27, 4E, 58, 02, 79, E4, 7B, 4D, FB, 72, F0, EA, 26, 2A, F2, EF, DF, 16, 73, F8...
 
[+]

The file nomedoarquivo.exe has been seen being distributed by the following 10 URLs.

http://lo4.get4mobile.net/android/usrKRZW0bQFvJM4Tg5FTiw/1471650394/.../6_grand_theft_auto_san_andreas.apk

http://am.get4mobile.net/android/a0qbEAs8-piOA8OKAte2Aw/1466811798/.../6_grand_theft_auto_san_andreas.apk

http://am.get4mobile.net/android/qGXYUhVWTKym_YavnfkOPg/1472058757/.../6_grand_theft_auto_san_andreas.apk

http://lo4.get4mobile.net/android/jbvZ9Kd3GIy8brgDYxkOBA/1473991576/.../6_grand_theft_auto_san_andreas.apk

http://lo3.get4mobile.net/android/ccbpczyvZPtRUIUigekT-Q/1454828426/.../6_grand_theft_auto_san_andreas.apk

http://lo2.get4mobile.net/android/6ksCFSLzyCVrDRxY48RCSA/1468551958/.../6_grand_theft_auto_san_andreas.apk

http://am.get4mobile.net/android/W9pTuL5oKIMABP5anPqi7w/1466978876/.../6_grand_theft_auto_san_andreas.apk

http://am.get4mobile.net/android/wBWy5AEI2g68eiVBJZMN_g/1464239343/.../6_grand_theft_auto_san_andreas.apk

http://am.get4mobile.net/android/733-8hl3PdC1TEJLbH_p0g/1459243694/.../6_grand_theft_auto_san_andreas.apk

http://lo3.get4mobile.net/android/S0UUO8rAqB1vhOL3YKsd5Q/1456694966/.../6_grand_theft_auto_san_andreas.apk

Scan nomedoarquivo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.