» app.exe
Overview
Analysis
File Details
Programs (1)
Downloads (159)

app.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from letoltes.szoftverbazis.hu and multiple other hosts.

File name:

app.exe

MD5:

8beb1a5bc7ef0e2a2d7eb44b74a2ade7

SHA-1:

8f45a84e7ddccc5503bbec6417789f164b00ff83

SHA-256:

30b4788a7ca06bf9f98e8594b5f6fe9337d62dbf36cf1455a601435a4520b561

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/25/2024 3:38:11 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Trojan.Zbot!6.103C

23.00.65.131219

File size:

23.2 MB (24,278,649 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\app.exe

File PE Metadata

Compilation timestamp:

1/5/2012 7:21:23 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

393216:k8auCOtUzjP4X/ChTF2ldxNTO6ffiB8WmXgNVATs7u192z+oi4UlK0A:Tet9F8M6f1WogNGMiosA

Entry address:

0x4327

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 93, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 94, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 94, 42, 00, 56, A3, 40, 7B, 42, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 7B, 42, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, 94, 42, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7... 
[+]

Code size:

34.5 KB (35,328 bytes)

The file app.exe has been discovered within the following program.

Garena - League of Legends by Garena Online Pte Ltd.

League of Legends is a multiplayer online battle arena video game where players are formed into two teams of five Champions. League of Legends is a session-based game. Matchmaking creates teams with even average MMR (Matchmaking Rating) of the constituent players.

lol.garena.com

About 1% of users remove it

The file app.exe has been seen being distributed by the following 50 URLs.

http://letoltes.szoftverbazis.hu/8f7TfGMQLvBX0IxANGgC7w/1488537923/.../vlc-2.1.0-win32.exe

http://letoltes.szoftverbazis.hu/tjjvVzDHWCe4P9fCLG-Itw/1486205438/.../vlc-2.1.0-win32.exe

http://dw8.uptodown.com/dl/1383184047/.../vlc-media-player-2-1-0-es-en-br-fr-de-it-cn-jp-ru-nl-pl-cz-dk-fi-kr-se-tr-cat-win.exe

http://vlc-mirror.connect.net.pk/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://filehippo.com/download/file/.../

https://dw.uptodown.com/dwn/OnGkNxUkGTcgTASUwJQUVkSCY-ENJU7An3hjOhsJK1qfNRnU9v79zUKqZoSLjBC5lg7qMx6702W3Mmr1IZfiL_WkDy09iNTVVhRP6TqWGuC-2_1GXq54uufpBaiTh5Nm/OUdn0zk0_XhLg9pIOQY5Jz0w9xdXJPnxQO5_egJnAvepdyST1ZneresXyJFvSNyi60fob0PtB75I9LfpqVXj_p82e_nf1M6KRYaqvteFS-G9p75t-A-NnVuNCTdOQ-LN/ZubVVm2lgESJDdQy2KIWSSra5ducZg1LbFvgmJp_vcxnWgPdE-vpH0l5kwtwm1sVpPt0V-Jrdmr7wd25dMJ2qFmHj-AxHLjMVj3GBu8_hPNDCyuf-7evvbu-me_eybe6/.../

http://nl.inncdn.com/?domain=vlc-media-player&name=VLC media player&icon=aHR0cDovL3NjcmVlbnNob3QuaXQuc2Z0Y2RuLm5ldC9pdC9zY3JuLzI1MDAwLzI1MzM5L3ZsYy1tZWRpYS1wbGF5ZXItMTMtMzJ4MzIucG5n&url=aHR0cDovL3NvdXJjZWZvcmdlLm5ldC9wcm9qZWN0cy92bGMvZmlsZXMvMi4wLjEvd2luMzIvdmxjLTIuMC4xLXdpbjMyLmV4ZS9kb3dubG9hZA==&os=&lang=it_IT

https://dw.uptodown.com/dwn/90a37zPdsA0eGTvLfaKw6W5nf4WywdiJIG_Nb8g5LqRp8gPA6mnYXVUCiN9L8ETO-Q88AFCayTi5Uzcpt6LfJPfnSkbleOAtaSfO7Y_hqh-Ve4LloTQgcVoIdwZCsayq/chHiLzULQNy2AXBDvpySWZPj-0EFhDgOTAvzlYuFS2VzDkuFD8ORweKhWO7d0ulFvhFMgq4E5YQy26_cL2ohFNjsymy16cNI6VbmOCOyKExOdZFx8q20EGBwAKUybyUh/YoDgCAnDHj6tbXkiImhYydsaLhMtgc25vmw9demUJQ8EEghaMd3w4huClu12lVGbIh8kq4SCcYw_GWjikEqjZiomdfRNHkwuqeTR_6JQq76qoD0ngdvoIdcCZLAm7p_U/.../

https://dw9.uptodown.com/dwn/e3Rzl28A2WnqXapKXCpXtAPD57YrQVNtIlIQAOnylGzmNjF4Hl7FmLT22kHiCcnJUWNXiYvzboppTu-T1DVGu0qypCS-FtNuhE9GtRFA2eygsTEI6Vu1jabMwvvbjmfU/Qz9Dz4-7aBOLtRnyD8OdfcvEuXWvRRTIwHaAQatDZl1yJ1F-c_8-mtrAc-O6urI6GiGlgYx6R9bZ3pGo0qktXQdV3dfjOBmdCOqfbcXMx7wfcQHebDxniae8QONdYj73/yGDikOmTmM7mtEKVpGH2KEk-Cx0qGYRhP1WU005Uf8AgNf9vX1HJVXlzazu5ep2eQ9f9poYjXFrrnNWhav9jXeC0ov90ORXm2Tk-FNDq930yOhGp8MvnTjk1d6Bo-8Ho/.../vlc-media-player-2-1-0-es-en-br-fr-de-it-cn-jp-ru-nl-pl-cz-dk-fi-kr-se-tr-cat-win.exe

https://dw.uptodown.com/dwn/Nzb2q9HPB-HMYgc_UIGEuLWbk4fV__E8Qrhon2hukSdCR-JqNux4oQUUDK_-vIueNPEJz6GpRgsC6niucNle-lvReKctpxL50RuIEahZQrO7SN67EKEKD3qDtCQ-CFZw/XlvOmXvukrSGvOxqSCW4lW5tPS-2M1RXyoL1-I1YR4WtPDn3_cYFHNKoHQJc3FcsYWPmloBGcCA5l5H9FmonEStQNtCGSZPbXE7-uHTkbrnyxAHVpX0BU5hXEw7vm-oF/49ZNZdRnV2cgalSC7L_szxmJ9aT_eDlWU-ZSG51y8AC6WP9Y9lCtMC9HtkWw2GNf2GhysRfFxCNNuQoQ9RtAcJKrf-qeafKcAxhieN56VSR9qMXgLwX0DOd7QR819c3g/.../

http://mirror.vorboss.net/videolan/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://mirror.cedia.org.ec/videolan/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://letoltes.szoftverbazis.hu/ff0ebc5ec34fd8175b6131440380ffc6650b6f5f/524a983c/.../vlc-2.1.0-win32.exe

https://dw.uptodown.com/dwn/FmWVgDDukqAQgOxI8t98qs-R831_eyZi46xD7zC9FRWf_QPxVAj4Kir4fRCTxs2WgPoQrQDQwTWP1DwXVH3aXAZzalM31rrAuT2kq3HK9vY-Ar_Fq6RkiLR3HPwQ4GgR/Szj_2ejVYiX0AyrH1AkRbGT1UWthk4o6BkNAijXWwWT9jiENxz6ClOO0z5eJb0Lv5Kd7q-1YxQwQ9JjONn1NJCaAjl7KqW8CrvV48mE_SUPO2vcnsMA4DUvZS51Fjcvz/Y309JvGdNktFvfFMTewtILYCR6B6_f6j_ST55smTXmV2Kl08GcCK50lH0on7c1nxjBY0J0QZMXf6xBTMC_4DJk4I9sOFl5vUeU8fatlQtdW0TvruVQwAE6Ulzt5eiYr0/.../

http://www.mtsconverterfree.com/.../vlc-2.1.0-win32.exe

http://mirrors.netix.net/vlc/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://dw1.uptodown.com/dl/1382298053/.../vlc-media-player-2-1-0-es-en-br-fr-de-it-cn-jp-ru-nl-pl-cz-dk-fi-kr-se-tr-cat-win.exe

http://download.videolan.org/pub/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://www.filehorse.com/download/file/.../

http://piotrkosoft.net/pub/mirrors/videolan/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://192.168.10.10/.../share.php?action=download&file=vlc-2.1.0-win32.exe&id=8624

http://mirror.rasanegar.com/videolan/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://10.0.0.1/vlc.exe

http://videolan.mirror.liquidtelecom.com/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://www.tarek.com/vlc.exe

http://dw.uptodown.com/dwn/Gd4ESag72gW3fj5v0cDGIn_EoDQOKEgkDURqcztURH8ssWUAHPCHUUadmL94lR-OxTy--dvNiUsk1ffdZqfz511VRWO_Nu5r1AIqr9uifqoUWmX2_F0Tbz40lwCdKPw4/gaVNPS8P3WtAUd5NhKsa5vJcuN8AKZwr6zuy9mOsl3UnY7gNRCWK8-eTPU0D4_lSnLesijP55tgd5_XAL9w0eicwsYyvewyeAgTpj_r06n2u5Nta1-M78ROR6av8ENVK/XApRo8V3BdH--8tc-n5KvP4CCjode0KvY3NHtV1Yo0ZK17ZQ8asu15YK1d7K4Q7wpGIrKYWBhci059KajOBPBf8OKSSa8WbhLyvq_o_SH-H2XVw_bHFMsWRRqONIX7Ej/.../

http://cdn1.gagui.org/?ic_user_id=123

http://mirror.kku.ac.th/videolan/vlc/2.1.0/.../vlc-2.1.0-win32.exe

http://mirror.nexcess.net/videolan/vlc/2.1.0/.../vlc-2.1.0-win32.exe

https://dw.uptodown.com/dwn/EW695iIMP97mS_bxqXpIzp-vxswAq1UgfhpnSAt2MX2hhOdzf2z2aOrZzXsWe87QgjmF5jtyxvReRdih3edez6oUK3wqX4OApEWuZPlrwET_jx6qDiGw_wCtNxFPGbsi/furqN0Wd6Ra22wC5-FUqaqFtGv3lq7fnLCK0k4RVKXRLVFpZSQQJobi-4rU2XmqVjNua9Aq_qKbfYMZ2y8PoMfdVU8-acuG7ZKVNZ7UsOXwzQ-rAKlbMfrnC1I_nWv_x/3xeTjw75k86ZPzGgM-WNPMGfaInONtYPW0aLlwLwywGw3unSQFusU6AkamHfUsqkeI_d5V9IvjmRtX2p69BtRW36z_IFtqGI8GtpJMMPGIRkbclGjtwfuXEiDDSPcjh7/.../

Latest 30 of 159 download URLs

Scan app.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.