home

virtual.audio.cable.v4.09.retail-edge.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dc663.4shared.com.
MD5:
ea8db4d4d04d7d4fca1171a0629b8b2a

SHA-1:
49c1b8056c6565ec6b94c938343249ba2f1b5dfb

SHA-256:
0def524234d25202788acd2e9df0a77ad4fa1f8e75fbc6b8cadae1d104927274

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 9:42:29 AM UTC  (today)

File size:
433.5 KB (443,944 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\virtual.audio.cable.v4.09.retail-edge.exe

File PE Metadata
Compilation timestamp:
9/16/2008 9:17:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
12288:a5Opr59KptmizjxnU3eMwJC9jaaTjHHAu:aIpV9Kpt9zcedJC93P5

Entry address:
0x1000

Entry point:
68, EE, AC, AE, 00, 2A, FE, 81, C7, 79, F3, A5, 94, 25, 36, FE, F4, 6B, 0F, CF, 52, 84, EF, 5D, 72, 07, B0, 6D, 3D, 42, 38, C4, EE, 8A, D2, 2B, CD, 81, FA, B1, DF, 00, 00, 72, 05, 1D, 0C, 30, 6B, DD, FE, C0, 68, 85, 44, 4E, 00, 68, 80, 26, 89, 00, 85, F7, 69, CA, 64, C6, AA, 9D, 85, F8, E8, 00, 00, 00, 00, 5D, FF, CA, 1A, E4, EB, 04, 84, E2, 04, E9, 8D, 1D, C9, F8, 01, 00, 8B, C8, 81, EB, 5C, B5, 01, 00, 81, FE, DB, A3, 00, 00, 74, 07, FE, C8, 01, FB, 0F, AF, D3, 24, 43, B9, DF, 06, 00, 00, 86, F0, 81, F1...
 
[+]

Entropy:
7.7152  (probably packed)

Code size:
80 KB (81,920 bytes)

The file virtual.audio.cable.v4.09.retail-edge.exe has been seen being distributed by the following URL.

http://dc663.4shared.com/download/.../VirtualAudioCablev409RETAIL-ED.exe

Scan virtual.audio.cable.v4.09.retail-edge.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.