setup_filemaster_14_0.exe

The executable setup_filemaster_14_0.exe has been detected as malware by 11 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.fifa-master.com.
MD5:
fa5b2add43cc329a622f43b24f1e5f19

SHA-1:
d2b02cc03432e926649fb2f8643bdaa7045104fe

SHA-256:
848e1542e60ef8f04dd1d4ba06b4df0003b9d62d30a178e755280d8d7e7cca70

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/14/2024 10:15:19 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | JS/Redirector.EB.32 | 7.11.165.88 |
| avast! | JS:Redirector-BTD [Trj] | 140617-1 |
| Comodo Security | TrojWare.JS.Obfuscated.DI | 19090 |
| Dr.Web | SCRIPT.Virus | 9.0.1.0217 |
| Fortinet FortiGate | JS/Redir.NV!tr | 8/5/2014 |
| Kaspersky | HEUR:Trojan.Script.Generic | 14.0.0.3452 |
| McAfee | JS/Redirector.bb | 5600.7047 |
| Microsoft Security Essentials | Threat.Undefined | 1.179.2201.0 |
| NANO AntiVirus | Trojan.Script.Redirector.czylrv | 0.28.2.61349 |
| Sophos | Troj/JsRedir-NV | 4.98 |
| VIPRE Antivirus | Threat.4774189 | 31208 |

File size:
1.6 MB (1,673,854 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\setup_filemaster_14_0.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
24576:OxGyNPPKNdq+UsF6rqcWSEDtnj1z/NloxunRuR1HA/0tMfm9aG:zWPCdqZscrqcWSEDFj1kxuRRctMfm9aG

Entry point:
3C, 68, 74, 6D, 6C, 3E, 0D, 0A, 3C, 68, 65, 61, 64, 3E, 0D, 0A, 3C, 2F, 68, 65, 61, 64, 3E, 0D, 0A, 3C, 62, 6F, 64, 79, 3E, 0D, 0A, 0D, 0A, 3C, 73, 63, 72, 69, 70, 74, 20, 74, 79, 70, 65, 3D, 22, 74, 65, 78, 74, 2F, 6A, 61, 76, 61, 73, 63, 72, 69, 70, 74, 22, 3E, 0D, 0A, 3C, 21, 2D, 2D, 20, 0D, 0A, 65, 76, 61, 6C, 28, 75, 6E, 65, 73, 63, 61, 70, 65, 28, 27, 25, 36, 36, 25, 37, 35, 25, 36, 65, 25, 36, 33, 25, 37, 34, 25, 36, 39, 25, 36, 66, 25, 36, 65, 25, 32, 30, 25, 36, 33, 25, 36, 32, 25, 33, 34, 25, 36...
 

Entropy:
7.9550  (probably packed)

The file setup_filemaster_14_0.exe has been seen being distributed by the following URL.
