» rld-tw2k.exe
Overview
Analysis
File Details
Downloads (2)

rld-tw2k.exe

File name:

rld-tw2k.exe

MD5:

498b27c26e2e76e5bd0590c306d911d9

SHA-1:

2bfd2b09c61ab3f2f06f6fd7f15dc5d31dee0566

SHA-256:

eb696e4be2859e647eff82b4682dcd52abcf2c55804361ef37672225c404ee98

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/5/2024 8:20:51 PM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Trojan.Win32.Generic.125CB952!308066642

23.00.65.15503

File size:

8 KB (8,192 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

1/23/2047 2:41:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

96:nPI0Wew9BCd6Lc+cb3C7NWWueTukNysXqCv7kB4Om:nw0W5KScRsrykNXfIB4O

Entry address:

0x1000

Entry point:

6A, 00, E8, 93, 04, 00, 00, 6A, 00, 68, 1E, 10, 40, 00, 6A, 00, 6A, 65, 50, E8, 5E, 04, 00, 00, 50, E8, 82, 04, 00, 00, C8, 00, 00, 00, 83, 7D, 0C, 02, 74, 1E, 83, 7D, 0C, 10, 74, 18, 81, 7D, 0C, 11, 01, 00, 00, 74, 20, 81, 7D, 0C, 10, 01, 00, 00, 74, 32, 33, C0, C9, C2, 10, 00, 6A, 00, FF, 75, 08, E8, 44, 04, 00, 00, 6A, 00, E8, 49, 04, 00, 00, 66, 83, 7D, 10, 02, 74, E8, 66, 81, 7D, 10, EB, 03, 74, 53, 66, 81, 7D, 10, ED, 03, 74, 54, C9, C2, 10, 00, 68, 00, 20, 40, 00, FF, 75, 08, E8, 09, 04, 00, 00, 68... 
[+]

Entropy:

2.9086

Code size:

1.5 KB (1,536 bytes)

The file rld-tw2k.exe has been seen being distributed by the following 2 URLs.

http://s10327.chomikuj.pl/File.aspx?e=W_olym7ZO6cpU3AY_tngm9ywkstSDPqIy8ucRR_CBh2teEHVWcdp9AyK17gyXEWNL7aygSH2ivY8YPZOaR1egmthe5o0mrJD5Nazg5wFNy-NknUjEsiHjwaPp26UG18MNQnsO_c-mJghxP8AXmhXBw&pv=2

http://dc414.2shared.com/download/.../rld-tw2k.exe

Scan rld-tw2k.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.