test.exe

The executable test.exe has been detected as malware by 2 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from fs10n5.sendspace.com.
MD5:
01610e54af8b7d41a6cefce8c9755417

SHA-1:
7bfe18004ffcbec85d5cd5eec376f906144a558e

SHA-256:
8063bb357bec3f64c2530b474c4e00833453fcdb6d2e7683ebbe7b361b62faea

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
12/26/2024 12:36:31 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Bladabindi.BC trojan
6.3

F-Secure
Generic.MSIL.Bladabindi.08D19645
5.15.96

File size:
227.5 KB (232,960 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\test.exe

File PE Metadata
Compilation timestamp:
7/30/2016 5:03:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:+hEk90xR3q0UX340jZtg6PXTjDHnjr2Ry7r2Ij7HwmDWUzjC:csvI3jjZ6ir2RorPDwmDWq

Entry address:
0x74AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)

The file test.exe has been seen being distributed by the following URL.

Remove test.exe - Powered by Reason Core Security