home

spam.exe

Project1

BKHN

This is a setup program which is used to install the application. The file has been seen being downloaded from dc414.2shared.com.
Publisher:
BKHN

Product:
Project1

Version:
1.00

MD5:
e954c7378d8f3e8c7e1a1813ea95c8a1

SHA-1:
38a0137b6a654ac9494d3585ab7bc5bc43b5f95f

SHA-256:
ddea4275a1166e9a609ccbf6d7b80c34cc761f089a76bfad7ddc4940c9e2cb2f

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/5/2024 8:03:26 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
W32/Ramnit.A
7.11.30.172

McAfee
Trojan.Generic VB.hp
17.6.569.0

SUPERAntiSpyware
Trojan.Agent/Gen-Alient
9682

File size:
232 KB (237,568 bytes)

Product version:
1.00

Original file name:
Project1.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\spam.exe

File PE Metadata
Compilation timestamp:
8/30/2008 11:10:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:+CPyEpMnRPcLmEpMLRPcL3EpMoRPcL8EpMFRPcLVEpMGRPcL5j9EX/imCMC9EXMu:NecVLDDqxfHxo2nfltPbzNGKK/S

Entry address:
0x11B8

Entry point:
68, 98, 6A, 43, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, BC, D8, CE, 2C, D9, 8F, 8C, 4F, AD, 68, FC, 20, D4, 4A, D2, C2, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 88, 7F, FF, 00, 00, 00, 00, 00, FF, CC, 31, 00, 09, E6, D2, 97, 0E, 66, 2C, A9, 48, A6, EA, 17, 39, D5, F4, 82, A5, F7, 90, 53, 96, 11, 67, C6, 40, AF, 3F, 83, 3E, A1, 2F, 00, 4F, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
220 KB (225,280 bytes)

The file spam.exe has been seen being distributed by the following URL.

http://dc414.2shared.com/download/.../Spam.exe

Scan spam.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.