» teracopy3a2.exe
Overview
Analysis
File Details
Downloads (14)

teracopy3a2.exe

TeraCopy

Code Sector

This is a setup and installation application. The file has been seen being downloaded from www.grabupdateshare.com and multiple other hosts.

File name:

teracopy3a2.exe

Publisher:

Code Sector

Product:

TeraCopy

Description:

TeraCopy Setup

MD5:

e134b99fa6c9f52dea665b7cb957b5ae

SHA-1:

1ae8b026112f24d132348d44779a1ed1378f97fb

SHA-256:

dbcda9123943619073b3c3c879e302d3181b1554196b75b8dc668be319e64cd3

Scanner detections:

6 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/23/2024 9:41:55 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Trojan.Win32.Dropper

4.0.3.15226

K7 AntiVirus

Riskware

13.198.15085

NANO AntiVirus

Virus.Win32.Gen-Crypt.ccnc

0.30.0.296

Trend Micro House Call

Suspicious_GEN.F47V0219

7.2.57

VIPRE Antivirus

Threat.4150696

48132

File size:

3.4 MB (3,532,439 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\programs\teracopy3a2.exe

File PE Metadata

Compilation timestamp:

7/9/2014 9:58:13 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:BlfPv4+cOmYCxwd0/iP5FiTDJaM62SHtQoXi:BlXv4ZOmYGwdUiPWyNDy

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file teracopy3a2.exe has been seen being distributed by the following 14 URLs.

http://www.grabupdateshare.com/MvYem3YtaLoHPP9L6nin5xrfrnbrTNlwEka9pvHoMM LdWMhSXR348SEoplB_wZUouWHTjPyRYg57KXd_h4gqGY04uHkqMBU4lg1G8ZrOXAcKXYFSlTy4yK3h3__ nr6U0srjgUvS_794rd7or2Uxvt9wlRGINWQ7hfHa7sRydtB4ZZ9vrkp_6e__VMbi5uzNYV5yNRW_kW2CmBNaopgt_HwP74U614b9aRJlzUo0XmKWuXT1Pv68zgxd8CQ0SR88 okqTLt7owVvbuorgyv2vHuxpvyglFh8_N4fGKfkAMt54lUl1Yl0MtdoqwiXqAOTK3P3XY0iDRG6_r9rqJDVMMX6NZupjrlDyyx_UEQtTFEkBhgcszdA6GjXAAwGs6dOvR8MD1mdwVXsCd4R_e4PUkEyrDNoVK1asmyer8K2P5oDynrzEEjB 6ebqOja9QgiiThgxAh9VPXvuLs1 M_vyYD7MihEHazdoJcN54Ogu2z2omSlt2SHYfbW_aEsHMlhfIXfbnNIwiHHxCAes8OUP8SAt59ZjsR6NKVjh3ExJtQ4e_nYotStNMZ04WxFh2Qy8kpo2vC8VdYCSaUTx6qK_5FFYLakK V1TQOj KKez61Uivdbwx1HcC6HkH0c_ez9Mg291FxOo5wumHn LMPbebL3Q 6k9jFxdBtReTbObUSkzRO5QFBIEUBGqlxh4Ij9MQM9aZL_1tkRC9snZubEjeOpoJegxOb0mfS47yqpQyWLFC1axw=-G0UAAMTaOW737ykZVrPsX_8DNiiOcfmgeIOMgw42AA4bY d5lEhvTCNj7rt3rHecvpmTpECFM9P1rSEGHVEFFUeLfwc=-e

http://www.afterdawn.com/software/.../download.cfm?version_id=96353&software_id=1340&mirror_id=0&installer=0&perion=0&air_installer=0

http://www.grabupdateshare.com/yi2FcnKxEstk93hg6W8HfnKJu7QK5hlyW 9KCC8Ckpm5Yl1cqIJcqRQeRTSCFpmjT dbRhkhZbx8AzgaoD2XS5WgNE wTDseNMFiREiVB4niAppJkKWOwpNUrzfKB2GDs1xXkaavmA8sxE2EmH8O9GMeKUOC1lVGC71sQF3FqbDpA3V0XtrMTyxc7BOKggTrdgZTD6KkJmM PwvU2iZriaOc1dVirMVlYQx1NhTfFJaQZtp59IQcKqII 9STc_5JiYKZL0z0pYBOLQVWSBS5SkzqGJ_IxQiABlLG7QRsWGlaZhAKpWGjRyD3wcPzQL_cVBTGM ZkXVCIEPLhXHv1ps9qx7X_HgZvU5TSPldB3M5q7WCDh7izsnvZNiIRp2x0ChaLuGZ4rZ8bCi24gHozfPSW0gbRTZFlEKbeXi0Pr 9hd5M3tORNRmhVfiHarGpA1EfLbL89BvnSLJuYb0kwYkUqqC136bGGWDzxmlmNEJzVD1PqwNExgEZph CCQ7rs2s3xYc6 ai4YKur24iaUSyC2O3GlJCYpEUMLT1FisM0mVcvhsaLbNH321aDyfIoV_MEqKpjDLfsVi99u4qKMFfSaoiS sXcnGsu Wvpj7LMtcgmcwaLUB22XdzJRgFDnU_o37CuIGhgI3Y xvKQprbO8O_kRF9zQipV0P5qbw9Q3LqGZAvEUxZ5N2pndPDvOhSlprFTSV3BmLeubHFOW2Tg 2VXUpPY16AXJbSMDyEr9W6kv97g=-G0UAAMTaOW737ykZVrPsX_8DNiiOcfmgeIOMgw42AA4bY d5lEhvTCNj7rt3rHecvpmTpECFM9P1rSEGHVEFFUeLfwc=-e

http://www.grabupdateshare.com/1elNS1AkvPP8DfHEN6JNFfHaLlAAWBIf5B4x9hOunWSiz8MQip06spY7D4JJVRkAmCTNRzHmn8jgrJns1 0Wp8L94ERSiT8u7Z iFZ_IwBsw6Nl7e7V23aINspczA WcIKp2rxSlSqlSin klOP7ZOl08AUhjVfBYR7rFfk7u0ktQkbRoTPt9A5pMFcx14IBpeIKWbRRv_TKjiGsgBQEsQH7cb7OgPWk264tdC8IE b1kTh48T75cFIqr1YQhe6UBCTEHxaNhc HLk2lgSD7JdI2Okp3N4jJIM0 Dy_0IaBxzMWbjK3idskNQSzADOn3ufaccDr8IDqWLOoln4ZssQCbWJLwPM_EtRqqD8Xs6mlXwzfj1WQ_fCFoFA JLGOM0K17y3ioqhw4TomwFgdrwffmQlIkvmz0LpRsuFlIUudRt8XXzf3C7ehYSXIVXsZc2dnIcDvXgzYTpsfSdLqewGXFv_OfwzSBL5HBJuWgmocSwTvhCNKF3lB8sHGl5upNHqsBepEQAaJHuUcBNzT94_gPUe6g3u8ds3DKe3ZnGp1ITYrvmhgvvwsZbbqFolYaZVIXc7wSKOmRmMUWxpim4zNl4HV21Qv6bdOW59oJFtrQcadtCXS1HX_0FtzDPD2 EWhuSfgC42uu11LFcU 7LDMVqLAyXedUI 968A2JuFfMuu7LffAZi37TobUEoeSnVg_ywf0D-G0UAAMTaOW737ykZVrPsX_8DNiiOcfmgeIOMgw42AA4bY d5lEhvTCNj7rt3rHecvpmTpECFM9P1rSEGHVEFFUeLfwc=-e

http://www.grabupdateshare.com/c?x=BcymAOuJok1btkJitBoj/0L/wHtSnbcI7qfw8VYmWEc=&c=9SS 8emvvgdB0LJmbXBxyA3pU7vqQp9mW7EXJBdVN63kydMrUleZ HB1W uNZuNwpQlPS7j2VJLVza99j4izzSXz/pPxRzpeQ LgnQQE7U tOm9s8rzTrBNkGQ0nrKp&downloadAs=TeraCopy Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/241/.../teracopy.V.3a2.JalanTikus.exe

http://www.grabupdateshare.com/c?x=sk8Jt4s0BSOhxkpNQyGysoP1qnZE4XVU79Uce/bkSAI=&c=mPvYiPXKw4QDjih YenWqalzAusR3NFawX73RZueare 9Xeg39GLY/k5pRq3bekaTIp/ASAISNmE6uA 8 euYQHgBSKPrSiA9A2lx4PsXCyUepMD9of9Yc76Pfdtipz/hZ0gNHnOP9HmCwOovURiFA==&e=0&downloadAs=TeraCopy Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/241/.../teracopy.V.3a2.JalanTikus.exe

http://www.tourbodycontent.com/c?x=180mf7C2knoYecrnVxvdU6xNbLL6mplzmUhT5YvXeK8=&c=lXNhQAUv 9RvrfGUfNuXldHJ7J9INsQp5RNM/BuC8pdX4UMhGJ8uMB0zEUTarORCgHrIQ4hj4S4BNGuY1B60xRTXMh9odhw0auoa7dDft7PuxEOcLIzFEd8Oy9wrFn0Q&downloadAs=TeraCopy Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/241/.../teracopy.V.3a2.JalanTikus.exe

http://www.grabupdateshare.com/c?x=sYz6ww0RztS7TU7qPfEhRXfCwLux3J9 NfRaYfVIjiY=&c=Aj8zPJYfHkJQXhdVE9ke0Rh8eTdKLANk fxqQCtj7WbG2eKrtvZsg705KztUyar4xskDpZ CXpuLD5xj58c4V/gaz76ZXe6/3P3TJ/5rGemErHIXH/ipGdEn8kdw3xOf8/oRgQpFdqCUeRWycy6Weg==&e=0&downloadAs=TeraCopy Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/241/.../teracopy.V.3a2.JalanTikus.exe

http://www.giftpresentsign.com/c?x=Hsl2ivbJg7C7XaXxFf4PcrhKHErr8nb21Rgd0p6oL7Y=&c=bU9seXamWlCh2PRzh6atAW2XCEEEtIQl3RTj 8MEWxXAnsOhNFUz5E9Xn36BItFm9aEKm/xnSJwPc6HM4JmZsE2nK3q6yV0Sh hi868sG8chdh9 LB/k4LKi6eUiP6AjIThnNkD2rsG1eCK7UvwzZA==&downloadAs=TeraCopy Downloader - JalanTikus.exe&fallback_url=http://files.jalantikus.com/dde/241/.../teracopy.V.3a2.JalanTikus.exe

http://files.jalantikus.com/dde/241/.../teracopy.V.3a2.JalanTikus.exe

https://jalantikus.com/apps/download/.../

http://storage.googleapis.com/.../teracopy3a2.exe

http://codesector.com/.../teracopy3a2.exe

http://codesector-eu.s3-website-eu-west-1.amazonaws.com/teracopy3a2.exe

Scan teracopy3a2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.