home

$rd5mebk.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dl.commentcamarche.net.
MD5:
f2e2d6125bd1986c6dbb3dcff53d4d83

SHA-1:
137c7a00a74390713f0001c33e0a18c994e3ef38

SHA-256:
b12fafd02ca60d2c914fb2369152d3ac717ecc140b0ba40beb04666e492c1601

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 9:25:43 AM UTC  (today)

File size:
16.5 MB (17,327,963 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
393216:rHSMAsTuaDcWXZoqwe27q4GktR/TVFmkE7s0ekaKEQJLa:brA8XDzJoqkmER/TVFmkE7sXk3EQJLa

Entry point:
48, 54, 54, 50, 2F, 31, 2E, 31, 20, 33, 30, 32, 20, 4D, 6F, 76, 65, 64, 20, 54, 65, 6D, 70, 6F, 72, 61, 72, 69, 6C, 79, 0D, 0A, 53, 65, 72, 76, 65, 72, 3A, 20, 42, 53, 57, 53, 2F, 31, 2E, 30, 0D, 0A, 44, 61, 74, 65, 3A, 20, 4D, 6F, 6E, 2C, 20, 32, 34, 20, 4D, 61, 79, 20, 32, 30, 31, 30, 20, 32, 30, 3A, 34, 35, 3A, 35, 35, 20, 47, 4D, 54, 0D, 0A, 43, 6F, 6E, 74, 65, 6E, 74, 2D, 54, 79, 70, 65, 3A, 20, 74, 65, 78, 74, 2F, 68, 74, 6D, 6C, 0D, 0A, 54, 72, 61, 6E, 73, 66, 65, 72, 2D, 45, 6E, 63, 6F, 64, 69, 6E...
 
[+]

Entropy:
7.9985  (probably packed)

The file $rd5mebk.exe has been seen being distributed by the following URL.

http://dl.commentcamarche.net/www.commentcamarche.net/download/.../PhotoScapeSetup_V3.5.exe

Scan $rd5mebk.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.