walking-dead-1_2_3_4_5.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from fra-7m18-stor09.uploaded.net and multiple other hosts.
MD5:
4a4012b060fb10bd0135ede34108220f

SHA-1:
5ccf17d468a765df90208a6c17b32cebd17f1353

SHA-256:
6ae9acb53b3f55d3566879bd094c5ab18aba73c758e8f1d493a47dd0122613a3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/30/2024 8:39:34 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM06.2.Malware.Gen
1.0.0.1015

File size:
3.3 MB (3,431,033 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\walking-dead-1_2_3_4_5.exe

File PE Metadata
Compilation timestamp:
12/1/2013 8:08:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:BxjNmu0B+9A66Ixj7A0bGHzcU+cI+YikHGzu:/Bmu0gy66Ixw0be+eY4zu

Entry address:
0x108AF

Entry point:
E8, 9C, 58, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B...
 
[+]

Entropy:
7.9526  (probably packed)

Code size:
98 KB (100,352 bytes)

The file walking-dead-1_2_3_4_5.exe has been seen being distributed by the following 50 URLs.

http://fra-7m18-stor09.uploaded.net/.../be021e03-cd75-4504-8539-d8c275529d6f

http://fra-7m18-stor09.uploaded.net/.../1ed33eb3-3428-4a03-a8c1-fda91183355d

http://fra-7m18-stor09.uploaded.net/.../bdc8df0b-0482-460d-9e36-7fc1e3a673b3

http://fra-7m18-stor09.uploaded.net/.../7f029d3e-95a9-4597-9fb6-13eb8cc0c2ad

http://fra-7m18-stor09.uploaded.net/.../fb7f2f8a-b0f7-4cfb-b55a-1e51d0fa40e7

http://fra-7m18-stor09.uploaded.net/.../362793a7-c0c1-4262-b5d8-c5c072e3f793

http://fra-7m18-stor09.uploaded.net/.../6f4a26b1-ef72-4daa-8a41-ac82e1bd7f2d

http://fra-7m18-stor09.uploaded.net/.../b9ec4d2e-7391-425b-8828-631ef5ba8604

http://fra-7m18-stor09.uploaded.net/.../b1086942-9ec1-474f-b7a2-e9fba0d88ce4

http://fra-7m18-stor09.uploaded.net/.../44642d09-15ce-4f79-a787-a57746f0d4f3

http://fra-7m18-stor09.uploaded.net/.../e89bcc1d-3384-43dc-a2a3-362230b556f4

http://fra-7m18-stor09.uploaded.net/.../92248878-026c-4612-9b6e-79e86f95af84

http://fra-7m18-stor09.uploaded.net/.../ee036b3a-dbfc-449f-bd0e-18493f81c390

http://fra-7m18-stor09.uploaded.net/.../1df514ae-7963-48ad-a424-9bb88410b384

http://fra-7m18-stor09.uploaded.net/.../fc704651-ff65-4d99-93fb-37dce575639a

http://fra-7m18-stor09.uploaded.net/.../8b12d8ab-70f0-4ee0-8dd9-3c30e35437d2

http://fra-7m18-stor09.uploaded.net/.../30a62936-e85c-4f17-b6eb-ad8790bdd82b

http://fra-7m18-stor09.uploaded.net/.../0f797535-2e08-4a71-b652-66c544b178a6

http://fra-7m18-stor09.uploaded.net/.../872a2bee-ad55-426c-b93c-b9b6a499a801

http://fra-7m18-stor09.uploaded.net/.../3b9b7475-d05f-4739-ac36-2bf1da51836d

http://fra-7m18-stor09.uploaded.net/.../b404f183-9437-4f6d-87e5-f88642ee91e4

http://fra-7m18-stor09.uploaded.net/.../b0096b91-481d-4d00-9480-4ba598f259d0

http://fra-7m18-stor09.uploaded.net/.../b8466f5a-2a8a-4b49-b0e7-603d1cc7f7d3

http://fra-7m18-stor09.uploaded.net/.../6edac7d7-7ad3-4bac-b0b4-af896fd3365c

http://fra-7m18-stor09.uploaded.net/.../a1fab23d-29d0-4b48-8463-8cf436c7807d

http://fra-7m18-stor09.uploaded.net/.../493dfc96-c7c4-47a8-9c92-3db802d27baa

http://fra-7m18-stor09.uploaded.net/.../493af86c-33c0-47e0-bc87-99d0ae7b81f9

http://fra-7m18-stor09.uploaded.net/.../de8b9785-9324-4c39-bb86-2cef663a8dd5

http://fra-7m18-stor09.uploaded.net/.../22db5a58-86de-479e-9b44-205e1f6ebe55

http://fra-7m18-stor09.uploaded.net/.../3aaeb5fc-04a7-4f81-a71f-994b3d112fc6

Latest 30 of 67 download URLs

Scan walking-dead-1_2_3_4_5.exe - Powered by Reason Core Security