home

basic-bsdtar.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from rh.ddns.is74.ru.
MD5:
79e7aaf43438625f06ff3b3fc7731a9b

SHA-1:
49e23560148daacb8d3ae22fa75bdb183dbb10a4

SHA-256:
a964fc2acf48840a05117ca3594eb0dfd82f8c01b96c2c7f5cb8f9804c15cbf9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
7/5/2025 1:14:31 PM UTC  (today)

File size:
537 KB (549,888 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
4/11/2010 4:30:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.56

CTPH (ssdeep):
12288:WNjNzgQML9NLgUe/dPIYGL8w2lrEfdyODuZRAh6qktSTjwy0J:WNjJjML9NLNeFy+exkQT0y0

Entry address:
0x1130

Entry point:
55, 89, E5, 83, EC, 18, C7, 04, 24, 01, 00, 00, 00, FF, 15, CC, 93, 48, 00, E8, D8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 53, 83, EC, 14, 8B, 45, 08, 8B, 00, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 4B, BB, 01, 00, 00, 00, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 08, 00, 00, 00, E8, 73, D0, 06, 00, 83, F8, 01, 0F, 84, FF, 00, 00, 00, 85, C0, 0F, 85, AA, 00, 00, 00, 31, C0, 83, C4, 14, 5B, 5D, C2, 04, 00, 3D, 94, 00, 00, C0, 74, 59, 3D, 96, 00, 00, C0, 74, 1B, 3D, 93...
 
[+]

Code size:
438 KB (448,512 bytes)

The file basic-bsdtar.exe has been discovered within the following program.

MinGW-Get version 0.5-beta-20120426-1  by MinGW
MinGW (Minimalist GNU for Windows) is an Open Source development environment for native Windows.
www.mingw.org
7% remove it
 
Powered by Should I Remove It?

The file basic-bsdtar.exe has been seen being distributed by the following URL.

http://rh.ddns.is74.ru/shares/Install/?????????/Kerio Control/!_Patch/Vityan/.../basic-bsdtar.exe

Scan basic-bsdtar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.