home

ctl9.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download2148.mediafire.com and multiple other hosts.
MD5:
98575114bc0fd5a6e5b76348e6ac6f01

SHA-1:
abf63686048389278eedc907531290f91eb052a1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/17/2024 7:57:18 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.14322

File size:
2.5 MB (2,655,772 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\user\سطح المكتب\ctl9.exe

File PE Metadata
Compilation timestamp:
12/14/2013 12:45:04 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
49152:gtdD/Yxoo2+/5CfUmz0a2wkj1R1Fm1ggDGyUFvM5a7PDu8BQhm+8zxtS7:gtpDACfHT21TFqgEPy4g+V7

Entry address:
0x1290

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 9C, 12, 41, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, DC, 12, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, C4, 12, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, BA, 80, 00, 00, 00, 89, E5, 57, 31, C0, 8D, BD, E8, FE, FF, FF, 56, 53, 81, EC, 1C, 01, 00, 00, 89, 54, 24, 08, 89, 44, 24, 04, 89, 3C, 24, E8, 37, 40, 00, 00, 89, 7C, 24, 04, C7, 04, 24, 18, 00, 00, 00, E8, 07, 0B, 00, 00, 85, C0, 0F, 84, 7C, 00, 00...
 
[+]

Entropy:
7.9213

Packer / compiler:
MingWin32

Code size:
18.5 KB (18,944 bytes)

The file ctl9.exe has been seen being distributed by the following 37 URLs.

http://download2148.mediafire.com/9qacmxese4fg/.../CTL9.exe

http://download1609.mediafire.com/aslng645wcpg/.../CTL_xD.exe

http://download728.mediafire.com/uw1ai6cw66wg/.../CTL9.exe

http://download2148.mediafire.com/2zohnc65q3mg/.../CTL_xD.exe

http://download1609.mediafire.com/8otil3xs7nrg/.../CTL_xD.exe

http://download771.mediafire.com/sg73rwgsercg/.../CTL9.exe

http://download1609.mediafire.com/7r9z16rsnsvg/.../CTL_xD.exe

http://download2148.mediafire.com/vcnd5rft4trg/.../CTL_xD.exe

http://download771.mediafire.com/p9lup9qcc73g/.../CTL_xD.exe

http://download771.mediafire.com/vbuclur8u38g/.../CTL_xD.exe

http://download931.mediafire.com/1qvjobaer8xg/.../CTL9.exe

http://download728.mediafire.com/dgbh28mly4ug/.../CTL_xD.exe

http://download1609.mediafire.com/8jp2g3vhkf0g/.../CTL_xD.exe

http://download771.mediafire.com/slk50alrjtgg/.../CTL_xD.exe

http://download771.mediafire.com/2b7yl6dcvyvg/.../CTL_xD.exe

http://download728.mediafire.com/qptkhhlfu6qg/.../CTL9.exe

http://download1609.mediafire.com/5zspmr6ldtrg/.../CTL_xD.exe

http://download771.mediafire.com/w5vcp2aaszvg/.../CTL9.exe

http://download2148.mediafire.com/jc4mub2ha1hg/.../CTL_xD.exe

http://download2148.mediafire.com/0973iife32hg/.../CTL_xD.exe

http://download1848.mediafire.com/slfax2qp4nig/.../CTL_xD.exe

http://download1609.mediafire.com/xa5bamr24ggg/.../CTL9.exe

http://download2148.mediafire.com/6n53vr8pwwyg/.../CTL_xD.exe

http://download1609.mediafire.com/oof1uzcmdjdg/.../CTL9.exe

http://download2148.mediafire.com/lcqtf16cykng/.../CTL9.exe

http://download728.mediafire.com/bfdp98dsljpg/.../CTL9.exe

http://download1609.mediafire.com/ckzjjcqzqljg/.../CTL9.exe

http://download771.mediafire.com/e9rsmpa4e95g/.../CTL9.exe

http://download1609.mediafire.com/a52r5dwo22lg/.../CTL9.exe

http://download728.mediafire.com/zfk7dzw24q5g/.../CTL_xD.exe

Latest 30 of 37 download URLs

Scan ctl9.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.