winrar by. 2011corridos.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download846.mediafire.com and multiple other hosts.
MD5:
2e669c1e0ef888a458296f7a76b8fca0

SHA-1:
917233c0523d4490c33d82d5df092615a4c7e986

SHA-256:
868907949a47c09785d8608241d232ccd88386f173bc4c42ad53d831bc538f7d

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/30/2024 8:56:39 AM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Trojan.Genome.Win32.61344
2.0.0.2056

File size:
1.2 MB (1,235,420 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\winrar by. 2011corridos.exe

File PE Metadata
Compilation timestamp:
7/10/2008 9:58:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
24576:ksa7wPOg4PeY1IpbyEQCcbF22V1TWx+zaTK/NMIPOjltd45DEud0:ksa7wveEvQfbTV8w+K/NH2jltdlU0

Entry address:
0x1000

Entry point:
E8, E3, 2A, 00, 00, 50, E8, D3, 07, 01, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E5, 20, 41, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, A2, 47, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, 32, 0A, 01, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, 6C, 39, 41, 00, 6A, 65, 56, E8, 78, 09, 01, 00, 6A, 01, 56, E8, 52, 09, 01, 00...
 
[+]

Entropy:
7.9707  (probably packed)

Code size:
68 KB (69,632 bytes)

The file winrar by. 2011corridos.exe has been seen being distributed by the following 26 URLs.

http://download846.mediafire.com/efdrie7miqeg/.../Winrar by. 2011corridos.exe

http://download846.mediafire.com/du7054q8at3g/.../Winrar by. 2011corridos.exe

http://download1275.mediafire.com/k92jdkkaobyg/.../Winrar by. 2011corridos.exe

http://download901.mediafire.com/hzrb87hjv5lg/.../Winrar by. 2011corridos.exe

http://download965.mediafire.com/hh1r3pp2zh5g/.../Winrar by. 2011corridos.exe

http://download786.mediafire.com/ckzdhyqliaug/.../Winrar by. 2011corridos.exe

http://download846.mediafire.com/ivvknn0cjq8g/.../Winrar by. 2011corridos.exe

http://download2217.mediafire.com/o7ltg2j46iag/.../Winrar by. 2011corridos.exe

http://download1167.mediafire.com/cnaefjpmdefg/.../Winrar by. 2011corridos.exe

http://download1275.mediafire.com/d993iq73v4fg/.../Winrar by. 2011corridos.exe

http://download2164.mediafire.com/uk06bu1ydpig/.../Winrar by. 2011corridos.exe

http://download2087.mediafire.com/4o4nattkelfg/.../WinRar Con Licencia by bencercito.exe

http://download2087.mediafire.com/r665mqz4u5og/.../Winrar by. 2011corridos.exe

http://download2087.mediafire.com/oq3ei9rac2gg/.../WinRar Con Licencia by bencercito.exe

http://download2087.mediafire.com/83rbkk7trulg/.../Winrar by. 2011corridos.exe

http://download846.mediafire.com/11fgxhmg9vxg/.../Winrar by. 2011corridos.exe

http://download1275.mediafire.com/r48yu459x7vg/.../Winrar by. 2011corridos.exe

http://download1275.mediafire.com/tb9ougipbbsg/.../Winrar by. 2011corridos.exe

Scan winrar by. 2011corridos.exe - Powered by Reason Core Security