raidcall_v7.0.2.exe

The application raidcall_v7.0.2.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.raidcall.com.tw.
MD5:
e31caca0683ba194754889b9083e3e17

SHA-1:
70fb2be014d5fc240791f62757c402c40754a996

SHA-256:
67b03a55c1e56eb60939ab72d036062d1464e24fee48306a145daf0616da4d12

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 4:37:37 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Downware
7.1.1

avast!
Win32:Malware-gen
2014.9-160306

Bkav FE
HW32.Packed
1.3.0.6379

Sophos
Mal/Generic-L
4.98

Vba32 AntiVirus
Malware-Cryptor.Inject.gen
3.12.26.4

File size:
4.7 MB (4,900,561 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\raidcall_v7.0.2.exe

File PE Metadata
Compilation timestamp:
3/22/2010 8:59:12 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:wZrbMimRO3tcSo+4zcFn/moFDDvZM37358Mcu56UUoE8dsV/JV:wBYKcSo+sm9ZML358pqq+ds7V

Entry address:
0x114F

Entry point:
E9, EC, 56, 00, 00, E9, 27, 96, 00, 00, E9, 72, 9A, 00, 00, E9, CD, 95, 00, 00, E9, E8, AA, 00, 00, E9, C3, BA, 00, 00, E9, 5E, 9B, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Entropy:
7.9953

Packer / compiler:
Xtreme-Protector v1.05

Code size:
57.5 KB (58,880 bytes)

The file raidcall_v7.0.2.exe has been seen being distributed by the following URL.

Remove raidcall_v7.0.2.exe - Powered by Reason Core Security