re-loaderbyr@1n.exe

Re-Loader By R@1n

The application re-loaderbyr@1n.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from d5.usercdn.com and multiple other hosts.

Product: Re-Loader By R@1n
Description: Activator
Version: 2.0.2.3
MD5: 6ecda49498c21201863980a28079b669
SHA-1: 8f11d6a6b1fc3eea545e45b410993c50aae8c53e
SHA-256: 58c19f4e5c84201037cfba23847cc9fe7d3b92c6523654343405d7e175854d67
Scanner detections: 11 / 68
Status: Potentially unwanted
Analysis date: 12/26/2024 5:01:16 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Strictor.100857 | 414
Arcabit | Trojan.Strictor.D189F9 | 1.0.0.629
avast! | Win64:PUP-gen [PUP] | 2014.9-151217
Bitdefender | Gen:Variant.Strictor.100857 | 1.0.20.1755
Emsisoft Anti-Malware | Gen:Variant.Strictor.100857 | 8.15.12.17.05
F-Secure | Gen:Variant.Strictor.100857 | 11.2015-17-12_5
G Data | Gen:Variant.Strictor.100857 | 15.12.25
McAfee | Artemis!6ECDA49498C2 | 5600.6548
Microsoft Security Essentials | HackTool:Win32/Wpakill | 1.1.12400.0
MicroWorld eScan | Gen:Variant.Strictor.100857 | 16.0.0.1053
Rising Antivirus | MSIL:Malware.Generic(Thunder)!1.A1C4 [F] | 23.00.65.151215

File size: 2 MB (2,056,495 bytes)
Product version: 2.0.2.3
Copyright: Copyright © By R@1n 2015
Original file name: Activator.exe
File type: Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp: 12/9/2010 9:58:13 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
.NET CLR dependent: Yes
CTPH (ssdeep): 24576:SQ1Pc1VxB0gOpnrER29UOYeZcz0xxb0V++gXgEjIIxF+XqUHFRDc13G9nwrfMB8h:SAk1V3GY29dYiczr8wCtUHM13Gxwgq
Entry address: 0x2E5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 4 KB (4,096 bytes)

The file re-loaderbyr@1n.exe has been seen being distributed by the following 2 URLs.

Remove re-loaderbyr@1n.exe - Powered by Reason Core Security