» dve_gori.exe
Overview
Analysis
File Details
Downloads (1)

dve_gori.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from loveyou.nsknet.ru.

File name:

dve_gori.exe

MD5:

a559a95c5120c60f6fd78869be4b2bfc

SHA-1:

d10f656f34aea90e5de579fc2820f1312f7c829e

SHA-256:

5598b73d24eec023076411abc6821f1f3fa369f86b5ca5c39b56c6b999bb160c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/16/2024 7:09:59 PM UTC (today)

File size:

1.3 KB (1,357 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\Music\dve_gori.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

24:kbdgqtGzPoh9w7wyBjoimiBbZqVWjkAp3HEXC+8Nt6hIlPayVfk/Zz:vfzPk95KSakAp0y+8NH1kZ

Entry point:

3C, 68, 74, 6D, 6C, 3E, 3C, 68, 65, 61, 64, 3E, 3C, 74, 69, 74, 6C, 65, 3E, D0, A1, D0, BA, D0, B0, D1, 87, D0, B0, D1, 82, D1, 8C, 20, D1, 84, D0, B0, D0, B9, D0, BB, 3C, 2F, 74, 69, 74, 6C, 65, 3E, 3C, 73, 74, 79, 6C, 65, 20, 74, 79, 70, 65, 3D, 22, 74, 65, 78, 74, 2F, 63, 73, 73, 22, 3E, 74, 64, 20, 7B, 66, 6F, 6E, 74, 2D, 73, 69, 7A, 65, 3A, 31, 33, 70, 74, 3B, 66, 6F, 6E, 74, 2D, 66, 61, 6D, 69, 6C, 79, 3A, 41, 72, 69, 61, 6C, 3B, 7D, 3C, 2F, 73, 74, 79, 6C, 65, 3E, 3C, 2F, 68, 65, 61, 64, 3E, 0A, 3C... 
[+]

The file dve_gori.exe has been seen being distributed by the following URL.

http://loveyou.nsknet.ru/ftpgetfile.php?id=83

Scan dve_gori.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.