home

EragonBypasV2.exe

EragonBypas

This is a setup program which is used to install the application. The file has been seen being downloaded from download2158.mediafire.com.
Product:
EragonBypas

Version:
1.0.0.0

MD5:
d7512c432f1c58a0a55d669bbe94a39c

SHA-1:
66a70b369e5f0147ec6718040ce93d6d58c7f63b

SHA-256:
ff8e0425b76ff8cca8c0de59f9d35ef9a036bde1e0d5eec08c62767644980342

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 11:41:30 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
151024-0

Bkav FE
HW32.Packed
1.3.0.6979

File size:
229 KB (234,496 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
EragonBypasV2.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

File PE Metadata
Compilation timestamp:
12/27/2013 3:06:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:q2IPUoEaCrEh6HY9EuhhdV3QrzPRQwzWl1FnvCccccccccccccccccccccccccc/:KWa8f42WEPRxzWp6t

Entry address:
0x369EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 48, B8, 00, 00, 00, 00, 00, 00, 00, 00, 49, 39, 40, 08, 74, 0C, 48, B8, 00, 00, 00, 00, 00, 00, 00, 00, FF, E0, 48, B8, 00, 00, 00, 00, 00, 00, 00, 00, FF, E0, 55, 8B, EC, 8B, 45, 10, 81, 78, 04, 7D, 1D, EA, 0C, 74, 07, B8, B6, B1, 4A, 06, EB, 05, B8, B6, 92, 40, 0C, 5D, FF, E0, 02, 35, EA, 35, A1, 65, 45, 2B, BE, 79, 5F, 3B, 8D, B9, 78, F7, EB, CD, 23, C6, 73, B5, 19, 9A, 12, CC, 95, 5E, 5A, 43, 4C, DD, C8, D4, 87, 0D, 04, 6E, 8A, CC...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
210.5 KB (215,552 bytes)

The file EragonBypasV2.exe has been seen being distributed by the following URL.

http://download2158.mediafire.com/y1d1a11j0pqg/.../EgYmoB Bypass WolfTeam AraBic.exe

Scan EragonBypasV2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.