rld-fi11.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s6056.chomikuj.pl and multiple other hosts.
MD5:
ff545d64eb37b0f1b98acba8a204ba82

SHA-1:
d81f89e8ac44ea42d26a601e7b147e74a3673935

SHA-256:
58a797fb296ca3290f597ada6864196d2968cbc7722d28e8e6b2bcf0e86f0a03

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
12/28/2024 11:40:38 AM UTC

Scan engine:
ViRobot

Detection:
Backdoor.Win32.Bifrose.69632.S

Engine version:
2011.4.7.4223

File size:
8 KB (8,192 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\$recycle.bin\s-1-5-21-1850220490-12710740-373490001-1000\$ruasy6l\crack\rld-fi11.exe

File PE Metadata
Compilation timestamp:
1/25/2037 12:35:50 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
48:OEPihrMpVXv2pmL3L0Jacr6P0EC4/24kixRr2rV9bqJ3d1kZsZ2BxJt3G4MgnDuy:nPixwhjg0ue0hekZsZ23JtOXy

Entry address:
0x1000

Entry point:
6A, 00, E8, FB, 05, 00, 00, 85, C0, 74, 11, 33, DB, 53, 68, 25, 10, 40, 00, 53, 6A, 65, 50, E8, 34, 06, 00, 00, 61, 6A, 00, E8, E4, 05, 00, 00, C3, C8, 00, 00, 00, 53, 57, 56, 8B, 45, 0C, 83, F8, 10, 74, 25, 3D, 11, 01, 00, 00, 74, 2F, 3D, 10, 01, 00, 00, 74, 3E, 83, 3D, 36, 25, 40, 00, 01, 74, 05, E8, 11, 05, 00, 00, 33, C0, 5E, 5F, 5B, C9, C2, 10, 00, 6A, 00, FF, 75, 08, E8, DB, 05, 00, 00, 5E, 5F, 5B, C9, C2, 10, 00, 8B, 45, 10, 66, 3D, 02, 00, 74, E6, 66, 3D, E9, 03, 75, D7, E8, 2B, 00, 00, 00, EB, D0...
 

Code size:
2 KB (2,048 bytes)

The file rld-fi11.exe has been seen being distributed by the following 7 URLs.

http://s6056.chomikuj.pl/File.aspx?e=JhXv3oFayJwtIS_OigwJdFAl5WhDejBX64I_ZecLIRY0K3mJLOegRxsXzMRAReGzwLf2jKpnAFQTekJwUtacoQmKSlqUOmErzidHC2-mKjXuMFaaJnvUpEtPGrqWllhkHRVdZzppxBxoiDdLEo2vig&pv=2

http://s10241.chomikuj.pl/File.aspx?e=JhXv3oFayJwtIS_OigwJdFUn2sox5fTpzUB5K-tNDKDKIX4idk3ZRQP_jo6Hed6ohY65_XNkimXlHby5OPWELe3yX9ekBgWENOv-L5M4q4Ed765exCDg2elmA-UWJqfsycolEIPYbv9uk6mGg25B6g&pv=2

http://s6056.chomikuj.pl/File.aspx?e=JhXv3oFayJwtIS_OigwJdCmpLeCKERb4Tm3rKreC3qvo_GI7y25Dw52tKoQPoqHfdzV5qxUJt_2z0JHt9jXGimwuFJrokawfd4GrugpNNP2RG1tMEZW9BCZGbtrPijzg6-zr9r8YQxq71YXLs7A_eA&pv=2
