shaman hack - icooper.exe

The application shaman hack - icooper.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from fs03n4.sendspace.com and multiple other hosts.
MD5:
2e27f50c474cb14611d939e9ef768971

SHA-1:
490f74b1cb848611cd36fd43de12ad71f6db61c2

SHA-256:
2ec0954d3fa9233e7c96dda091a800c20d80592dc6978a1a5faec0b9714c7d9c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 9:54:51 AM UTC

Scan engine | Detection | Engine version
Reason Heuristics | Riskware.Trainer.Meta (L) | 16.2.5.20

File size:
4.3 MB (4,495,872 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\shaman hack - icooper.exe

File PE Metadata
Compilation timestamp:
6/28/2013 11:45:44 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:MJ/ghwN9QhWS2yOdjUDfsF6VqEfSITNBspSd0UxKo1XQuJ8qYSaM:M4hJ2FdUrAA5dtXORC

Entry address:
0x15EB

Entry point:
E8, 1C, 1B, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 56, 8B, 75, 0C, 56, E8, AC, 27, 00, 00, 89, 45, 0C, 8B, 46, 0C, 59, A8, 82, 75, 17, E8, 6A, 03, 00, 00, C7, 00, 09, 00, 00, 00, 83, 4E, 0C, 20, 83, C8, FF, E9, 2F, 01, 00, 00, A8, 40, 74, 0D, E8, 4F, 03, 00, 00, C7, 00, 22, 00, 00, 00, EB, E3, 53, 33, DB, A8, 01, 74, 16, 89, 5E, 04, A8, 10, 0F, 84, 87, 00, 00, 00, 8B, 4E, 08, 83, E0, FE, 89, 0E, 89, 46, 0C, 8B, 46, 0C, 83, E0, EF, 83, C8, 02, 89, 46, 0C, 89, 5E, 04, 89, 5D, FC, A9, 0C, 01, 00...
 

Code size:
35.5 KB (36,352 bytes)

The file shaman hack - icooper.exe has been seen being distributed by the following 28 URLs.

