vhdap0.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from go.cuevana.tv.
MD5:
1fd032cee2a2eb8f2554ec9fd394a27d

SHA-1:
efb6201cdfefa19c30e4636c9b90c9a9120207b0

SHA-256:
1ff767e32d7087b4d1f045456135d94c7354bd704d283fda4a1fafcb0f76b408

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 9:22:10 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
160518-2

F-Prot
W32/Damaged_VB.A.gen!Eldorado (generic, damaged, not disinfectable)
4.6.5.141

File size:
551.3 KB (564,559 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\vhdap0.exe

File PE Metadata
Compilation timestamp:
4/29/2013 2:50:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:XKtSk100EF2YzwfZYQhFhGtSk100EFMOi2tSk100Es:XKAQY0fZYqhGA2iAk

Entry address:
0x163C

Entry point:
68, 5C, 91, 43, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, A8, 00, 00, 00, 48, 00, 00, 00, FC, F7, A9, A9, 01, 7B, 1D, 4C, B0, 02, FA, 49, 92, EA, 86, 88, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 56, 69, 64, 65, 6F, 48, 44, 41, 63, 63, 65, 6C, 65, 72, 61, 74, 6F, 50, 6C, 75, 73, 00, 5C, 57, 45, 73, 74, 61, 20, 61, 70, 6C, 69, 63, 61, 63, 69, F3, 6E, 20, 73, 65, 20, 65, 6E, 63, 61, 72, 67, 61, 72, 61, 20, 64, 65, 20, 69, 6E, 73, 74, 61, 6C, 61, 72, 20, 6C, 61, 20...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
680 KB (696,320 bytes)

The file vhdap0.exe has been seen being distributed by the following URL.

Scan vhdap0.exe - Powered by Reason Core Security