» sn0wbreeze-v2.9.7.exe
Overview
Analysis
File Details
Downloads (1)

sn0wbreeze-v2.9.7.exe

sn0wbreeze

iH8sn0w

This is a setup program which is used to install the application. The file has been seen being downloaded from everythinghacks.webs.com.

File name:

Publisher:

iH8sn0w

Product:

sn0wbreeze

Version:

4.0.0.0

MD5:

759d25973d9fde36bb8bcb0932148b3f

SHA-1:

a8de5f02ff54955f07f0e46e4a42ee34dfe7ec60

SHA-256:

43b3594d3641f2e1c97de9f7ab46118cb3dd52bf8a00c4bd1b9b7a90857b8921

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/5/2024 8:10:22 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAutoA

1.3.0.4923

Sophos

JailBreak - sn0wbreeze

4.97

ViRobot

JS.A.Pakes.25271296

2011.4.7.4223

File size:

24.1 MB (25,271,296 bytes)

Product version:

4.0.0.0

Original file name:

sn0wbreeze.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

11/11/2012 6:26:08 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

786432:sIBtIrCnmLdu/Lay70iUN7z8ZWWgNwpp:sIfGCmLdujaOrUoXgCX

Entry address:

0x1805DBA

Entry point:

FF, 25, C8, 5D, C0, 01, 00, 00, 00, 00, 00, 00, 00, 00, 9C, 5D, 80, 01, 00, 00, 00, 00, 00, 00, 00, 00, 30, 50, A0, 50, 00, 00, 00, 00, 02, 00, 00, 00, 78, 00, 00, 00, EC, 5D, 80, 01, EC, 3F, 80, 01, 52, 53, 44, 53, 78, 45, 15, 91, AA, AA, 21, 4C, B6, CB, 5C, E4, 62, 26, 69, FA, 01, 00, 00, 00, 44, 3A, 5C, 4D, 79, 20, 44, 72, 6F, 70, 62, 6F, 78, 5C, 50, 72, 6F, 6A, 65, 63, 74, 20, 62, 72, 65, 65, 7A, 65, 5C, 73, 6E, 30, 77, 62, 72, 65, 65, 7A, 65, 5C, 73, 6E, 30, 77, 62, 72, 65, 65, 7A, 65, 20, 32, 2E, 39... 
[+]

Entropy:

7.8975 (probably packed)

Code size:

24 MB (25,182,208 bytes)

The file sn0wbreeze-v2.9.7.exe has been seen being distributed by the following URL.

http://everythinghacks.webs.com/sn0wbreeze-v2.9.7.exe

Scan sn0wbreeze-v2.9.7.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.