home

domo.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from patch.df.gamecyber.cc.
MD5:
94fb32e9518df9ec784b6240aefa021d

SHA-1:
2213c59bfeb705c928f0cea22a93d66854a97c6b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/24/2024 1:46:43 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.CDB
1.3.0.4959

File size:
1.9 MB (2,004,480 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
4/15/2014 5:56:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:QJdJ36o0kJgmNwgWeiG0Bj303f6UQF8PDybK:2dMoHnsehejYUYuG

Entry address:
0x1000

Entry point:
68, 01, 90, CD, 00, E8, 01, 00, 00, 00, C3, C3, 21, 21, D2, DB, 70, F3, 40, 42, 82, 89, AF, 2D, 56, 38, 8C, 5E, 87, 97, 8E, 2B, E5, E6, 0C, 0D, 4B, A7, 57, 81, 65, B8, 4F, 36, EB, 1C, AE, 1E, C8, F9, 8A, F0, 4C, 91, 59, 1F, 30, F4, B9, 1E, 11, 11, F3, 38, 3D, A7, A7, EF, 8D, 7C, 26, 46, 4C, 3E, BF, F9, 34, 95, D7, C6, 98, 4C, 02, 0B, 44, 1A, 7D, 5E, 63, A3, 52, 3F, 9D, 82, 4B, BB, 77, 5B, 32, 9F, DF, 4D, 00, 7E, D3, 50, E9, 66, 10, 95, 07, ED, D2, 12, 3D, 80, 80, 27, 34, 6E, 20, 87, 60, FB, 1B, 2B, B6, 4F...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
4.4 MB (4,616,192 bytes)

The file domo.exe has been seen being distributed by the following URL.

http://patch.df.gamecyber.cc/DomoFreeHK/.../DOMO.exe

Scan domo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.