home

raba180v2.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from mods1.fs-uk.com.
MD5:
50ddf5147d37b6d1ab685bb532a1bdf0

SHA-1:
3812f43f6a7492574942e43935722fa465857f87

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 3:06:25 AM UTC  (today)

File size:
10.9 MB (11,394,263 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\raba180v2.exe

File PE Metadata
Compilation timestamp:
9/30/2010 2:47:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:YtLDtuJlyYSgUP+qWLW/540JKWp2raZtoPVPdr30TDffilA0/PMW:GgJvFU6h0QyoPJZIilA0

Entry address:
0x30AB

Entry point:
84, E5, 69, EE, 25, E8, 3B, F8, 69, FF, 4D, 38, 47, 7A, 0F, AF, D9, 89, D6, 88, ED, 3B, CA, 72, 06, F7, C2, 2F, FA, A6, AA, F3, 40, EB, 0D, 69, DA, 1C, CE, 23, BA, 8D, 15, 1A, 16, 59, E0, 4A, E8, A0, 00, 00, 00, 87, D0, F2, 0F, AF, F2, 8D, 05, E2, 8D, BD, BD, 8B, C2, 0F, BE, F6, 04, DA, 69, F5, 2F, 1D, 1F, 8B, 8B, D3, 81, C3, 22, 03, F0, D1, FF, CE, F6, C6, 02, 89, FA, 18, FE, 85, C8, 12, D1, 38, EA, 81, F2, 66, C7, C6, 51, 8B, D3, 8B, DA, 20, EA, 84, FC, 89, DA, 8D, 15, F1, 7B, AB, 2F, 33, F6, 69, D7, 14...
 
[+]

Entropy:
7.9981  (probably packed)

Code size:
52 KB (53,248 bytes)

The file raba180v2.exe has been seen being distributed by the following URL.

http://mods1.fs-uk.com/files/.../RABA180v2.exe

Scan raba180v2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.