quickbms_4gb_files.exe

QuickBMS

Luigi Auriemma, e-mail: me@aluigi.org, web: aluigi.org

This is a setup program which is used to install the application. The file has been seen being downloaded from download1812.mediafire.com and multiple other hosts.
Publisher:
Luigi Auriemma, e-mail: me@aluigi.org, web: aluigi.org

Product:
QuickBMS

Version:
check the version at runtime

MD5:
4743089ea685ef840ae695c8be7ec9b0

SHA-1:
31862cb97199393b978c71f373330b3e15f71d7a

SHA-256:
72ea315a7f4402a926d2f7e36523ad0be6c0992b515227ab73c0d82a98840b9d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:07:47 PM UTC  (today)

File size:
10.9 MB (11,419,648 bytes)

Copyright:
Luigi Auriemma (GPLv2)

Original file name:
quickbms.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\compressed\quickbms\quickbms_4gb_files.exe

File PE Metadata
Compilation timestamp:
1/5/2000 1:26:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
196608:4GIFdwwC69pUSe8Z3WCDmHyTVOPCYrlPkOsP5tmwxIC16R9xfXo1/he1mQdCL+8U:odC69pUSe8cCDmHyTVOPCYrlPkOgJKY

Entry address:
0x1280

Entry point:
83, EC, 1C, C7, 04, 24, 01, 00, 00, 00, FF, 15, 74, 29, 43, 04, E8, 6B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, 83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 74, 29, 43, 04, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, EC, 29, 43, 04, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, AC, 29, 43, 04, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, F0, 9B, 00, E8, 3A, 09, 4E, 00, BA, F0, 60, 8D, 00, 83, EC, 04, 85, C0, 74, 15, C7, 44...
 
[+]

Code size:
5 MB (5,221,376 bytes)

The file quickbms_4gb_files.exe has been seen being distributed by the following 3 URLs.

http://download1812.mediafire.com/a76g72r9xihg/.../quickbms_4gb_files.exe

http://download1812.mediafire.com/rayabph999tg/.../quickbms_4gb_files.exe

Scan quickbms_4gb_files.exe - Powered by Reason Core Security