home

sub-rosa-0-06-32-bits.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.funcyclecapital.com and multiple other hosts.
MD5:
91d4f8b6780052e552319413da2d71e6

SHA-1:
1ed5a5be6d4e20060774639bc265d0c53a890c06

SHA-256:
8828e4127af981bf4aff8eee9fdffb8a2599437bcf59f566c89e1d89f81fd040

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/8/2024 2:39:48 AM UTC  (today)

File size:
2.7 MB (2,802,219 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\sub-rosa-0-06-32-bits.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:AN6HDTcF1J0r/OG0ZAW/yMFvsjNPSmeclaof6o0m1n8pVppQC2MUvU8HYEXTYG:ANUHcLg/OHX/fFv+NKnBofNyO/UAYgkG

Entry point:
50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, 77, 92, 18, 41, B5, F7, 3B, E8, A1, 04, 01, 00, 00, 10, 03, 00, 18, 00, 00, 00, 73, 75, 62, 72, 6F, 73, 61, 30, 36, 62, 2F, 64, 65, 64, 69, 63, 61, 74, 65, 64, 2E, 65, 78, 65, EC, 5C, 7D, 74, 53, E7, 79, BF, FA, B2, 05, 91, 91, 12, E4, C4, 69, A1, 31, 14, 08, C9, 28, CD, E7, 19, A7, 6E, 8A, 43, B9, 1D, D9, 50, 27, BB, A8, 4D, B3, B8, 83, 04, 16, D9, 26, 09, 4D, AC, 13, 4E, 6A, E5, 58, 96, 4D, 7D, B9, A8, C3, 19, 69, 49, C6, CE, 21, C1, 5B, 39, 2B, 67, F8, 24, 64, 75...
 
[+]

The file sub-rosa-0-06-32-bits.exe has been seen being distributed by the following 2 URLs.

http://www.funcyclecapital.com/ R3ymdapOkbx yt 8nKkl6Z68GdFzrrzDGZ4 MTUYM2eoTQ0r7VsVBPzqNGHMT 2hJxbTWMb2H9hRqu_HczNoEjQE7aKYAxtfKjtsmxAHTyE088wH2xSO2LcErQuwqVCiblySytPHw0usL0ooFPoLBYkXNqnTc_s44Q qxjP4OeFXrAN4R8q94yMRZ1R 27842G50op6CPmRkRC2fdKQgbFF5gosew==-GywAAMQuFxuS1nGCxPktbF2IIQMpJLEN5MYR ZUIK1G9xjXt2GiTr8G

http://crypticsea.com/.../subrosa06b.zip

Scan sub-rosa-0-06-32-bits.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.