home

rubysetup.exe

7ZSfxNew

Oleg N. Scherbakov

This is a setup and installation application. The file has been seen being downloaded from download.ruby888.com.
Publisher:
Oleg N. Scherbakov

Product:
7ZSfxNew

Description:
7z Setup SFX

Version:
1, 2, 0, 715

MD5:
3f67182ea470abe49b9e91984acbfacb

SHA-1:
208208d0fac78ee27d966697f6be368cdcb13996

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 6:33:27 AM UTC  (today)

File size:
9.1 MB (9,590,376 bytes)

Product version:
1, 2, 0, 715

Copyright:
Copyright © 2005-2007 Oleg N. Scherbakov

Original file name:
7ZSfxNew.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\rubysetup.exe

File PE Metadata
Compilation timestamp:
7/22/2007 9:33:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:aKY2PqgGKsDhPRlhjQSRyePvTMpGlRNsCuMDkS2uo:an2lGKkRltQSUgvWGNrDxo

Entry address:
0x14DA6

Entry point:
F6, C4, 91, 8A, CA, FF, C8, FE, C6, F6, C2, 13, 86, F1, 3D, 90, C6, 00, 00, 70, 07, 23, CD, FF, C7, 80, D0, 9E, 88, DA, BB, 64, C2, 00, 00, 8A, F5, B4, F5, 81, EB, BA, 43, 00, 00, FF, C3, 8D, 1D, 59, D1, D9, 9F, 81, F0, 34, 9F, 42, AB, 69, C9, 3A, C4, E2, FF, 69, F8, D8, 81, C8, C7, 69, ED, 87, 22, 13, 70, 87, C9, 69, D2, FA, DF, 73, EE, C6, C3, 6A, E8, 15, 00, 00, 00, C7, C1, BC, 72, 83, 6B, 8A, D7, 8B, D6, 88, EA, 2A, F5, 8A, CE, 03, C2, 71, 01, 45, F2, BB, 96, 64, 52, F1, F3, BA, 0C, 4C, D0, 08, 8B, C0...
 
[+]

Entropy:
7.9975  (probably packed)

Code size:
85 KB (87,040 bytes)

The file rubysetup.exe has been seen being distributed by the following URL.

http://download.ruby888.com:60325/.../rubysetup.exe

Scan rubysetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.