pet241cz.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from downloads.zoznam.sk.
MD5:
fdabf3ec8bf37df3b9259a872feb8839

SHA-1:
78ab925bfdfed924169d9b8683cdfa7ea927ecae

SHA-256:
f5772c06699810c39b0e7996d73b7cb639504ac90550aab357919b4ef8e697a3

Scanner detections:
8 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 4:04:53 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Diple
7.1.1

Avira AntiVirus
TR/Crypt.XPACK.Gen
7.11.163.184

Bkav FE
W32.Clodde1.Trojan
1.3.0.4959

Comodo Security
UnclassifiedMalware
18952

IKARUS anti.virus
Trojan.Crypt
t3scan.1.6.1.0

McAfee
Artemis!FDABF3EC8BF3
5600.6328

Norman
Suspicious_Gen2.TYRBQ
11.20160724

ViRobot
Trojan.Win32.A.Diple.2738688
2011.4.7.4223

File size:
2.6 MB (2,738,688 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pet241cz.exe

File PE Metadata
Compilation timestamp:
7/2/2011 1:42:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:fyl2WkdgGcSvc0JFAKbEJr+7GjBPeiiWx7GT2xF0GbvzC+/pk:fyg3pMr+g2CpGT2xF0GjzC+2

Entry address:
0x3520

Entry point:
55, 8B, EC, 81, EC, 58, 01, 00, 00, 53, 56, 57, FF, 15, 80, B0, 40, 00, A3, 38, DA, 40, 00, FF, 15, 7C, B0, 40, 00, 68, F0, D8, 40, 00, A3, D8, D9, 40, 00, C7, 05, F0, D8, 40, 00, 94, 00, 00, 00, FF, 15, 78, B0, 40, 00, 33, DB, 53, FF, 15, 98, B0, 40, 00, 8B, 35, A4, B0, 40, 00, 53, A3, 3C, DA, 40, 00, FF, D6, 0D, 01, 80, 00, 00, 50, FF, D6, FF, 15, 74, B0, 40, 00, 25, FF, 00, 00, 00, 83, F8, 05, 74, 0A, 83, F8, 15, 74, 05, 83, F8, 1B, 75, 0A, C7, 05, 9C, DA, 40, 00, 01, 00, 00, 00, 8B, 35, 88, B1, 40, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
40 KB (40,960 bytes)

The file pet241cz.exe has been seen being distributed by the following URL.

Scan pet241cz.exe - Powered by Reason Core Security