rainbowsixsiege.exe

MD5:
aa43a7174fa522b0b8a784898bb4ac91

SHA-1:
39017461f3f019fa7e68c6a9a52a40abab3823b3

SHA-256:
d3bd2d2edf54e99c23d11944a5b3fbd51a7f57a5742cd160861e3a2fc4ea0613

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/5/2024 6:48:54 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM41.1.Malware.Gen
1.0.0.1077

File size:
4.5 MB (4,690,937 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\rainbowsixsiege.exe

File PE Metadata
Compilation timestamp:
12/1/2013 10:08:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:lHZL/SIftE/qD68waC47BnmTZjZikDX7zfrX9ZqM:DL/SIfiqD68waC47kZQkj7nSM

Entry address:
0x108AF

Entry point:
E8, 9C, 58, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B...
 
[+]

Entropy:
0.9118

Code size:
98 KB (100,352 bytes)

The file rainbowsixsiege.exe has been seen being distributed by the following 27 URLs.

http://fra-7m20-stor01.uploaded.net/.../4145c64b-51ef-47a7-b8c5-2ef6503384fd

http://fra-7m20-stor01.uploaded.net/.../35553f5c-c2ad-4e93-aa30-7ae175ab1a3e

http://fra-7m20-stor01.uploaded.net/.../e90b3aaa-a4e7-42a8-96ee-53f6c038706a

http://fra-7m20-stor01.uploaded.net/.../afce63ca-0470-443e-8c10-39f10c256147

http://fra-7m20-stor01.uploaded.net/.../58e1a9d9-5893-41fd-ae78-efd8f5f34d3e

http://fra-7m20-stor01.uploaded.net/.../f585700d-504c-485f-b071-b89e03dfaedb

http://fra-7m20-stor01.uploaded.net/.../3bb995e3-abb2-43bb-84fb-b14f5bebb0e5

http://fra-7m20-stor01.uploaded.net/.../89a2b01d-7ed4-4b45-bdc1-302841c4ca0d

Scan rainbowsixsiege.exe - Powered by Reason Core Security