home

cStreamer.exe

[ RBTLabs - Streamer ]

The executable cStreamer.exe has been detected as malware by 8 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download1508.mediafire.com.
Product:
[ RBTLabs - Streamer ]

Version:
1.6.1.0

MD5:
d0706e30328be2a3a3e7b4e9fc23405d

SHA-1:
9755641e161ec2a99ae257cd28eb2ba5ed31417a

SHA-256:
7a317bb87e4b802b4ed369e0b15c60f0abcdd50ffac9a405b321c46865e9d9a2

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
5/15/2024 3:01:08 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Symmi.23049
7.11.91.90

Bitdefender
Gen:Variant.Symmi.23049
1.0.20.975

Emsisoft Anti-Malware
Gen:Variant.Symmi.23049
8.16.07.13.11

F-Secure
Gen:Variant.Symmi.23049
11.2016-13-07_4

G Data
Gen:Variant.Symmi.23049
16.7.22

McAfee
Artemis!D0706E30328B
5600.6339

Panda Antivirus
Suspicious file
16.07.13.11

Trend Micro House Call
TROJ_GEN.F47V0717
7.2.195

File size:
2.1 MB (2,165,760 bytes)

Product version:
1.6.1.0

Copyright:
RoBerTo (C) 2009 - 2013

Original file name:
cStreamer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cstreamer.exe

File PE Metadata
Compilation timestamp:
7/16/2013 3:14:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:cX8F1NKXsBO0tt0qF27zGpLz8iIqjAyvy89wbR4:cX8DNKzXqFYzEIYAyvtmF4

Entry address:
0x245E3C

Entry point:
56, 60, 88, 34, 24, 9C, C7, 44, 24, 24, D2, 11, CF, E2, E8, 41, E5, FF, FF, 19, 2A, 65, 13, 7D, 85, DB, 01, C1, EA, 89, A6, D9, DA, 91, 88, 3D, FE, A5, 7C, 31, F4, 60, 47, 1E, 25, 72, 33, A7, 74, DB, A6, CB, F2, D3, 9B, 79, 65, BE, 61, 7C, 6D, 33, E8, 9B, A4, A7, BB, 71, 49, 42, 06, 3B, FB, B8, 1A, 0A, 06, 1E, D7, 81, A2, 88, 1D, B9, BB, DA, A7, 89, D8, DC, F4, CB, 67, 90, E1, 1E, FA, 9D, EB, 27, FF, 40, ED, 03, C9, 58, 5E, 06, AB, D4, 04, E3, E7, EC, D3, 9D, CE, 10, F8, 6C, C0, AE, B3, 4C, 0C, 8E, 20, 52...
 
[+]

Entropy:
7.9936  (probably packed)

Code size:
150.5 KB (154,112 bytes)

The file cStreamer.exe has been seen being distributed by the following URL.

http://download1508.mediafire.com/opi2zdfdty9g/.../cStreamer.exe

Remove cStreamer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.