re-volt.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download2224.mediafire.com and multiple other hosts.

MD5:
b5b5c1e7d0a56a949a2655a34abf03f7

SHA-1:
ad191992bf47d8baa250ca903c73cfee7318b544

SHA-256:
0a5b931f2752f7c8b216e2527d785d7d27f62f97d48b16ff8c0dda9594d57793

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
12/26/2024 2:49:31 AM UTC

Scan engine | Detection | Engine version
NANO AntiVirus | Trojan.Win32.Stanit.bdbaps | 0.28.0.59608
Norman | Suspicious_Gen2.AELMQ | 11.20140508

File size:
37.5 MB (39,279,143 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\re-volt.exe

File PE Metadata
Compilation timestamp:
10/4/2005 4:26:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:eQQyNJ6O4qWJV/4//Oau8JcuV0j+8KrebqpP+oEtMyRxAudFlj3mdi7Euy:eQ5JDWJFtEc7/KiXtMNobSuy

Entry address:
0x32D3

Entry point:
83, EC, 20, 53, 55, 56, 33, F6, 57, 89, 74, 24, 18, BD, 68, 91, 40, 00, 89, 74, 24, 14, C6, 44, 24, 10, 20, FF, 15, 30, 70, 40, 00, 56, FF, 15, 80, 72, 40, 00, 68, 8C, 92, 40, 00, 68, 40, 3B, 42, 00, A3, F0, 43, 42, 00, E8, DC, 27, 00, 00, BB, 00, B4, 42, 00, BF, 00, 04, 00, 00, 53, 57, FF, 15, B8, 70, 40, 00, E8, 79, FF, FF, FF, 85, C0, 75, 24, 68, FB, 03, 00, 00, 53, FF, 15, B4, 70, 40, 00, 68, 84, 92, 40, 00, 53, E8, B6, 27, 00, 00, E8, 59, FF, FF, FF, 85, C0, 0F, 84, 46, 01, 00, 00, BE, 00, A0, 42, 00...

Code size:
22.5 KB (23,040 bytes)

The file re-volt.exe has been seen being distributed by the following 16 URLs.

http://download2224.mediafire.com/jjxykxpspqig/.../Re-Volt.exe

https://app.box.com/index.php?rm=box_download_shared_file&shared_name=qryd98c7ukonz3l35qji&file_id=f_1486183135

http://download841.mediafire.com/a6c0006hu6ng/.../Revolt.exe installer.exe

http://download2058.mediafire.com/6iw61r214m8g/.../Re-Volt.exe

http://download2058.mediafire.com/rr89yinskyig/.../RE-Volt.exe

http://download2099.mediafire.com/adar78snktwg/.../RE-Volt.exe

Scan re-volt.exe - Powered by Reason Core Security