» britney spears feat will i zaycev net am - it should be easy.exe
Overview
Analysis
File Details
Downloads (1)

britney spears feat will i zaycev net am - it should be easy.exe

Onlain Sekyuriti Sistems, OOO

The executable britney spears feat will i zaycev net am - it should be easy.exe has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from forces.gor-enters.ru.

File name:

Publisher:

Onlain Sekyuriti Sistems, OOO (signed and verified)

MD5:

4ad23d5749b516d6c4b981d679b694d9

SHA-1:

c82bd70b1375824d65f543594b6f1ca1ab22accd

SHA-256:

6ad0eebc461de0dbb0616493ebdaee4b61967bff06ffad450be781d4bb3821c7

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

4/24/2024 12:03:27 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

16.8.1.19

File size:

423.9 KB (434,080 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\britney spears feat will i zaycev net am - it should be easy.exe

Digital Signature

Signed by:

Onlain Sekyuriti Sistems, OOO

Authority:

COMODO CA Limited

Valid from:

3/26/2014 4:00:00 AM

Valid to:

3/27/2015 3:59:59 AM

Subject:

CN="Onlain Sekyuriti Sistems, OOO", O="Onlain Sekyuriti Sistems, OOO", STREET="12 Komn 42, ul.Vrubelya", L=Moscow, S=Moscow region, PostalCode=125080, C=RU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

38AA823949978CC988A90C3D6FDCCF0F

File PE Metadata

Compilation timestamp:

4/7/2014 6:21:23 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

4.0

CTPH (ssdeep):

6144:FH8SaVvAaeQmV+poX7Jlz25o6sfEgRnPoLur+0kO3SKcDw/W4zBHyp:FhaVne2pIDzh6sNQLI+0McdzBH6

Entry address:

0x4B36

Entry point:

85, 0D, A5, E3, 40, 00, 1B, 7C, 24, 14, F7, D3, 81, E1, A2, 10, 11, 91, C1, E1, 1E, 33, 05, 86, 6C, 42, 00, 90, C1, ED, 15, 81, CA, D7, 6E, 52, E1, C1, EE, 1E, BF, 8F, 25, 55, 4E, 09, E5, 2B, 4C, 24, 0C, C1, DB, 17, 81, C7, A1, 27, EB, B1, FC, C1, D2, 11, 4A, 39, EA, 4F, C1, D3, 1F, 29, E3, 81, DA, 86, D1, EB, CB, 47, C1, D5, 00, 23, 74, 24, F0, 87, D5, 0F, B6, 0F, 43, 46, 45, 43, 81, C1, EB, DD, BF, 93, 21, DB, FD, 81, C1, 45, 6E, 80, 6C, 1B, 74, 24, F8, FC, 87, D6, 8B, 5C, 24, EC, 8A, 01, 45, 3B, 5C, 24... 
[+]

Entropy:

6.4628

Code size:

352 KB (360,448 bytes)

The file britney spears feat will i zaycev net am - it should be easy.exe has been seen being distributed by the following URL.

http://forces.gor-enters.ru/MjU1NTtodHRwJTNBJTJGJTJGZGwuemF5Y2V2Lm5ldCUyRmNkMGIyMWE1LTU0OWYtNDdjZC04NmYxLWFmYzc1MTIzMjE0OCUyRjIxMjI0JTJGMjEyMjQ1MiUyRmJyaXRuZXlfc3BlYXJzX2ZlYXQuX3dpbGwuaV8lMjh6YXljZXYubmV0JTI5LmFtXy1faXRfc2hvdWxkX2JlX2Vhc3kubXAzO25hbWU9YnJpdG5leV9zcGVhcnNfZmVhdC5fd2lsbC5pXyh6YXljZXYubmV0KS5hbV8tX2l0X3Nob3VsZF9iZV9lYXN5Lm1wMztzaXplPTg1MzU0MDk7dHlwZT1hdWRpbw==

Remove britney spears feat will i zaycev net am - it should be easy.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.