seterra.exe

Seterra

Marianne Wartoft AB

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from download690.mediafire.com and multiple other hosts.
Publisher:
Marianne Wartoft AB

Product:
Seterra

Description:
Seterra Setup

MD5:
8c252bd003822e2ce330b447c077a02b

SHA-1:
322500c9632b83a4dc5598e0333cb77e42ae56f4

SHA-256:
3f2b2cd146b752157af4818d5bd1cb4c9d8e6b4c046d0786f4346e951405c20b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 10:34:03 AM UTC  (today)

File size:
4.2 MB (4,422,677 bytes)

Product version:
4.02

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\seterra.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:JJOywrNvA3MJ+hpMMC7ToOOvCq9UW+te5F0Um8ibRqkCX:XOywVEMJypMKOCCWr+g+jCX

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9965

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file seterra.exe has been seen being distributed by the following 10 URLs.

http://download690.mediafire.com/dv76w8cojilg/.../seterra.exe

http://www.giftnewgift.com/rfW_FPuuc9vvGSb 7cgJ7mO U9nYNDXLVatPYN24WU9X6W6 L jL8r9zxBk9iGXuOhm6S3UXyb09ZM4YFqMFpXwUdgjN6x_7Gqr8pDou6MY i4iYJbPLFuDYJcAxe0OZAn7nc6IOL 3d86v_BPilq9dlZUikuhgi0eX2ord1m7W0uKans2 oJRvV9pM0XT9MzzlWz kJFL6mnuyOxorM3YJ961Hdzu2L57hCZZwMWS0 iFF4ziA6KE5tjwIe4jU3N_O9xrUJz2f7TmoVIkmCNClOorzfHmOix6qsosZAt52Wv iLhpZ3k 4YAnK6u DjBDsKGC8zRrU2RSTxb1HbuhlRRS5be68KSPhQgKSMbfdoCBnirDf r739siNub4SATiKNnryFrn_7Shbq_Z8sUIXm3QOyIPeS_4X3vKj1vtAsvJXi KkBJlJa Q2AEdaow4Y9MRFHA6Wp_QVek5aoeMGKKqkDBZ8MaGCllx14wvNdDExqH9U29buPMGs4yewtZhFV6 kc-G3EAAORte8umjRodabSGiEg0KrB0ygF7rSw85Rc CB_chuDxC41A jrUNZ5nDeIW_eLM0x fuyEBD3GFUaGV3ONvfjdcjZZLEt8JGpuQ4Zx2nekbFuIA-e

http://c236.x8top.net/2107tmp/cf/soft/2014/6/ba/.../seterra_3041.exe

http://www.bytepresentbyte.com/fvmQKza59Xv cOaEI5R08jzsJ8rZYMZUTbHW43c7dZKwYL9LPS92fQNij4d0vfELXPXm5Aw07WCammsOBJ9ad27a5gzBmROpGLwLRW0c_U1GmjB8q23nnQuImRUKMAwTMGQChqNrFtkQZLnyHFzi6VRVvPRF6XlXpmWhANBId5eK_nKWmj43Va BSu8hd9D9kvzHz eZagfopeX4Kf2by5Zj1GDxJV0Sn4uyZrAF68Tsk8PHbVmlIfL hJC74U 3iqZSUsMRFv81ng2Smp2 LesbeIgGPNJq1_UwLHHrujJmLIt8rnrXlGUIIIp Xa7wvtjxjz9OyUiOWrF3IApVeMvHe6LsUrfboWWxuyWyx l9Vam7mxJshWSoDp32woQxbDZsmaM0uEHiRL6QXPW2f_CwLdfBlCc3pH8H5eB9GoyWbNul2w9bavJ0qqGSgcE3f7wmQiFZpXizzkxyfaca qLiMT3UwH1F5xAXscrTYyKfbsT8GIUiw3Jv4dmAqnnluZ7NDKLE-G3YAAGR3fp9zPuVY4nqWtFgNZQa5OHDYLRsmvSccAAe6sfDQBMEhHJvhvsZtnCBuYTnMPPnxtdsof7fSktavmi0W_5vs huM8nqQfgrwjdyQWZEz 0UMwgA=-e

http://s8286.chomikuj.pl/File.aspx?e=2wg0F3USQB_HXOqfwlBKwT7g-BbIFPsn2GfISAUB4JfYLthS0ey2CTMACOgRr-nDyoVn2AupTUozHwPgB_YXx_PJhBhLr6uBLDVJNWQXWHgEYztcnEtnO1yjqSpMn7MrN0FnK3PPKlbZIOji53QLb8nqQOvdEv-QVbkPnnRI8VxxXZbAqUVhBbL6CNT0Ma9mLfwkmxRb_QXxztwR0qSPaYXX28MKoPU-WiArsE17bC8XnMy_eOqvxu6GJlhL7k1GeqEk-TRY0WN6-Ikzd_rCJRS8azVmf1k1Do61uudV_cAWxxpF8PEUNyGeRQrs0737mKn7S7mZICJB2g_eYPDuETGJElj_3fXnfq9AXiasnx2ZZSfEpsBHAC2u9Xoou-JNke7GOgZ6c87EX3-Ai3qghQ&pv=2

Scan seterra.exe - Powered by Reason Core Security