release3112n2.exe

This is a setup program used to install the application. The file has been observed being downloaded from s6651.chomikuj.pl and multiple other hosts.

MD5:
1944dd042b7fb754703a9e0967ff48b2

SHA-1:
c8ecd453c81725984d2fc4569035d1731007b084

SHA-256:
0594d680e78b4f1d63bb3b5487c518d7faa1b364cb685c062c95f9efbffa681f

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/27/2024 6:43:49 AM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | Packed/PC-Guard | 7.1.1
avast! | Win32:Malware-gen | 2014.9-140816
Rising Antivirus | PE:Malware.XPACK-HIE/Heur!1.9C48 | 23.00.65.14814

File size:
1020.5 KB (1,044,977 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
5/15/2003 10:43:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
24576:uwE9jld+8JW4MnhAqAhxLHYQUtG8kRJh66i3ixZ5OWw:uv/+8JW4Mn6qwzHdPhJi3mS

Entry address:
0x207F0

Entry point:
60, BE, 00, 60, 41, 00, 8D, BE, 00, B0, FE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
Packer / compiler:
UPX 2.90LZMA

Code size:
44 KB (45,056 bytes)

The file release3112n2.exe has been seen being distributed by the following 10 URLs.

Scan release3112n2.exe - Powered by Reason Core Security