home

RUMUSKU.exe

RUMUS EASY

SMARTNET-BLITAR

Publisher:
SMARTNET-BLITAR

Product:
RUMUS EASY

Description:
VER1.1

Version:
1.00

MD5:
f490034db3afa58ece3ca2edcadc55b7

SHA-1:
438e4aaadd39aa9e6b11f2a6c48f045dd609f0de

SHA-256:
e4c9c88469bdcc8da748364976e5460afde895bcfec0a7a732c7b89f08f8b0fc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 9:06:44 AM UTC  (today)

File size:
200 KB (204,800 bytes)

Product version:
1.00

Copyright:
COPYRIGHTED

Trademarks:
mr.chan

Original file name:
RUMUSKU.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\rumusku.exe

File PE Metadata
Compilation timestamp:
12/20/2011 10:01:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:fjDHM/FFpCaUdVkAZy3N7A97VU04fbdeF7+atwKiRy0LtybigQk3l/cgQ4:ffs/FvCaeZypCBU04fbF4

Entry address:
0x1860

Entry point:
68, 54, 1A, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 2E, 2A, 2D, 16, 6E, 7A, 46, 43, B2, C7, C5, 00, 0A, 74, B8, 07, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2A, 5C, 47, 7B, 30, 30, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 30, 30, 2D, 30, 30, 30, 30, 00, 00, 00, 00, FF, CC, 31, 00, 05, FB, 6F, E3, 8B, 02, A2, 72, 41, 99, 9E, E6, 3C, D4, 69, 89, 16, 10, E6, 8C, E5, 30, 54, D2, 40, A9, 45, E9, 16, 27, D5, 44, CB, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
5.6514

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
188 KB (192,512 bytes)

The file RUMUSKU.exe has been seen being distributed by the following 4 URLs.

https://docs.google.com/uc?authuser=0&id=0B_bGYGo0IBJnY1Y0NDlUZVM0UGc&export=download

https://docs.google.com/uc?id=0BzsrGLNCiy_GOHhWWHBhalZyLU0&export=download

http://dc453.4shared.com/download/.../RUMUSKU.exe

https://docs.google.com/uc?export=download&id=0B3ZSc-b6N-gubnRXVUwta2VjdHc

Scan RUMUSKU.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.