» offercast.exe
Overview
Analysis
File Details
Downloads (5)

offercast.exe

The application offercast.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from proxy-66.dailymotion.com and multiple other hosts.

File name:

offercast.exe

MD5:

e5b08ee758299f7947b1e6f784e0b5c4

SHA-1:

5560c9e354dbb17bba9ee73ab99c2a37d335f5a4

SHA-256:

9c0fc8f7b314226374c6213b54efc49b7b281d8d686704ed5a9e83c08844ac5a

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 6:52:30 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Win.Reputation

15.6.18.18

File size:

141 Bytes

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\local\temp\offercast.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

3:5DE+FpRQ2mHALaADU/3pCN+X/sqNAOXGOmbtpdCNCpg5:dEWzpdD83pCEX/YOX2WNCa

Entry point:

3C, 74, 69, 74, 6C, 65, 3E, 42, 6C, 6F, 63, 6B, 65, 64, 20, 55, 52, 4C, 3C, 2F, 74, 69, 74, 6C, 65, 3E, 3C, 69, 66, 72, 61, 6D, 65, 20, 66, 72, 61, 6D, 65, 62, 6F, 72, 64, 65, 72, 3D, 27, 30, 27, 20, 77, 69, 64, 74, 68, 3D, 27, 31, 30, 30, 25, 27, 20, 68, 65, 69, 67, 68, 74, 3D, 27, 31, 30, 30, 25, 27, 20, 73, 72, 63, 3D, 27, 68, 74, 74, 70, 3A, 2F, 2F, 70, 72, 6F, 78, 79, 2E, 65, 6D, 69, 72, 61, 74, 65, 73, 2E, 6E, 65, 74, 2E, 61, 65, 27, 3E, 54, 68, 69, 73, 20, 70, 61, 67, 65, 20, 69, 73, 20, 62, 6C, 6F... 
[+]

Entropy:

4.8218

The file offercast.exe has been seen being distributed by the following 5 URLs.

http://proxy-66.dailymotion.com/video/406/.../225146604_mp4_h264_aac_fhd.mp4?auth=1454666621-4098-cg4hqplf-13410c89eaf886f94df2cfd6c0643cce#cell=core

http://media1.break.com/dnet/media/2014/1/.../b121d387-ba19-4265-a423-8b283eb747b3.jpg

http://uc.8x8.com/uc/.../uc.msi

http://cdn.amazingfolderscenter.com/c?x=wiklN85D dCeFzVZlqCrMh8TXOHgPYa8VwpnHxBZrOY=&c=9z6SeS qGdymY96LI0cG6cozLyZiihihi6BCxtWT3SYBQDZWolkZOze FuzbHJIvERdKZX8ANeJ0uvsyYr8rDw==&downloadAs=FreeWiFiHotspot.exe&fallback_url=http://www.free-wifi-hotspot.com/.../FreeWiFiHotspot_IS.exe

http://proxy-66.dailymotion.com/video/176/.../220799671_mp4_h264_aac_hq_1.mp4?auth=1458503106-6784-5kw4svk8-5d3e72e77c4a94abe7d1eb47867825da#cell=core

Remove offercast.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.