offercast.exe

The application offercast.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from proxy-66.dailymotion.com and multiple other hosts.
MD5:
e5b08ee758299f7947b1e6f784e0b5c4

SHA-1:
5560c9e354dbb17bba9ee73ab99c2a37d335f5a4

SHA-256:
9c0fc8f7b314226374c6213b54efc49b7b281d8d686704ed5a9e83c08844ac5a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:56:02 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Win.Reputation
15.6.18.18

File size:
141 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\offercast.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3:5DE+FpRQ2mHALaADU/3pCN+X/sqNAOXGOmbtpdCNCpg5:dEWzpdD83pCEX/YOX2WNCa

Entry point:
3C, 74, 69, 74, 6C, 65, 3E, 42, 6C, 6F, 63, 6B, 65, 64, 20, 55, 52, 4C, 3C, 2F, 74, 69, 74, 6C, 65, 3E, 3C, 69, 66, 72, 61, 6D, 65, 20, 66, 72, 61, 6D, 65, 62, 6F, 72, 64, 65, 72, 3D, 27, 30, 27, 20, 77, 69, 64, 74, 68, 3D, 27, 31, 30, 30, 25, 27, 20, 68, 65, 69, 67, 68, 74, 3D, 27, 31, 30, 30, 25, 27, 20, 73, 72, 63, 3D, 27, 68, 74, 74, 70, 3A, 2F, 2F, 70, 72, 6F, 78, 79, 2E, 65, 6D, 69, 72, 61, 74, 65, 73, 2E, 6E, 65, 74, 2E, 61, 65, 27, 3E, 54, 68, 69, 73, 20, 70, 61, 67, 65, 20, 69, 73, 20, 62, 6C, 6F...
 
[+]

Entropy:
4.8218

The file offercast.exe has been seen being distributed by the following 5 URLs.

http://proxy-66.dailymotion.com/video/406/.../225146604_mp4_h264_aac_fhd.mp4?auth=1454666621-4098-cg4hqplf-13410c89eaf886f94df2cfd6c0643cce#cell=core

http://media1.break.com/dnet/media/2014/1/.../b121d387-ba19-4265-a423-8b283eb747b3.jpg

http://uc.8x8.com/uc/.../uc.msi

Remove offercast.exe - Powered by Reason Core Security