receita_0.0.3.exe

Setor

The executable receita_0.0.3.exe has been detected as malware by 9 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from assistenciairpf.com and multiple other hosts.
Publisher:
Microsoft*  (Invalid match)

Product:
Setor

Description:
Recursos Humanos

Version:
2.1.6.1

MD5:
4ebcd57aa485f5590009722c1eb04cd4

SHA-1:
2119029fb76c33a4ef48ba525dc313fe40945a13

SHA-256:
360cf9640ed5b56eb9c382fdc1930d085fea2b18b8c18573126e3aa901bd13f4

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
11/27/2024 7:37:28 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Strictor.95148 | 5691347 |
| avast! | Win32:Dropper-gen [Drp] | 160118-1 |
| Emsisoft Anti-Malware | Gen:Variant.Strictor.95148 | 10.0.0.5366 |
| ESET NOD32 | MSIL/TrojanDownloader.Banload.EQ trojan | 7.0.302.0 |
| F-Secure | Variant.Strictor.95148 | 5.15.21 |
| Kaspersky | Trojan-Ransom.Win32.Blocker | 15.0.0.562 |
| McAfee | Trojan.Artemis!4EBCD57AA485 | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.3732.0 |
| Norman | Gen:Variant.Strictor.95148 | 11.01.2016 17:30:26 |
File size:
16.5 KB (16,896 bytes)

Product version:
2.1.6.1

Copyright:
Copyright © Microsoft 2015

Original file name:
Mitologia.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\receita_0.0.3.exe

File PE Metadata
Compilation timestamp:
8/21/2015 4:11:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:luJX9txm4nnIDCxMoWY6OoCvQYylWjIg1AYcAe+m:lu/hMLOoCvQYyWLAYcAe+m

Entry address:
0x3FEE

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8 KB (8,192 bytes)

The file receita_0.0.3.exe has been seen being distributed by the following 3 URLs.

http://assistenciairpf.com/
