» -.exe
Overview
Analysis
File Details
Downloads (1)

-.exe

This is a setup program which is used to install the application.

File name:

-.exe

Version:

1.1.19.01

MD5:

bfc8ccb56bf294690fde9317a6ae35d1

SHA-1:

db465d52f003d3a0e24b4cd93941596fe363a926

SHA-256:

845d4a2f04f2d07c6db44f71d2ad5b8bf76fe7d95bd746fd91b3f5f6fe5de3e5

Scanner detections:

4 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/26/2024 8:23:45 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Crypt.XPACK.Gen

8.3.1.6

Dr.Web

Trojan.Packed.Based

9.0.1.0169

F-Prot

W32/Heuristic-210

v6.4.7.1.166

Quick Heal

(Suspicious) - DNAScan

6.15.14.00

File size:

358.3 KB (366,932 bytes)

Product version:

1.1.19.01

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\-.exe

File PE Metadata

Compilation timestamp:

1/5/2015 7:19:03 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

255.0

CTPH (ssdeep):

6144:N6Madyd2dL5L+3/eA4jA7NjK6LTTR7vm3320hYL4dhQnLAqb9fskrklT:N202XL+3/eP0dTd7+20hYE7QL10xT

Entry address:

0xB5000

Entry point:

60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 40, 00, 00, 61, 68, 38, E9, 4F, 00, C3, 34, D3, 78, 57, B9, D5, A2, D9, CC, 30, B8, 33, 3F, 5A, 3A, E4, B0, 04, DD, E1, F9, 08, 71, 20, 15, 6E, 53, 27, 5D, 1D, C7, FC, E2, 08, F4, DC, 5B, D6, CB, 36, 5A, 60, DA, CD, 07, D4, 8D, 0C, 1A, 96, 16, E0, BE, F1, AA, 29, E8, 0D, C0, 17, D9, 33, 6A, 59, 5B, BA, DD, 7B, BE, 83, 8A, 6B, 13, 45, 0B, E9, 99, C4, DA, A4, FC, F8, 72, 56, 14, A3, 14, 1E... 
[+]

Entropy:

7.8462

Packer / compiler:

ASPack v2.12

Code size:

100 Bytes (100 bytes)

The file -.exe has been seen being distributed by the following URL.

http://ge.tt/api/1/files/7MlI2NI2/.../blob?download

Scan -.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.