» eroot_v1.3.4.exe
Overview
Analysis
File Details
Downloads (70)

eroot_v1.3.4.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download2181.mediafire.com and multiple other hosts.

File name:

eroot_v1.3.4.exe

MD5:

459d8bdda203a5f5e9d28231fa6df6b0

SHA-1:

b9607feb2820df9027947427bb895652ea497af0

SHA-256:

f14d8a2d0129981fcb20df5a762a0b15abfa4f1d30fa2a606004d515184ee429

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 1:58:29 PM UTC (today)

File size:

11.1 MB (11,678,208 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\s-1-5-31-1286970278978-5713669491-166975984-320\rotinom\eroot_v1.3.4.exe

File PE Metadata

Compilation timestamp:

6/18/2013 4:19:36 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

196608:G3bqLoZTO593DM8ZnGCRxGCRPBuTZGXutLSI7RPyuaonlhlvbtKtXihAifkXJFnz:Grc+TKdD1VBXBVBuTplvFpKkAi8XvN0S

Entry address:

0x9BEC2

Entry point:

E8, B8, D6, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, 70, D1, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 68, 2B, 4F, 00, 74, 12, 8B, 0D, 20, 29, 4F, 00, 85, 48, 70, 75, 07, E8, B2, E0, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 28, 28, 4F, 00, 74, 16, 8B, 46, 08, 8B, 0D, 20, 29, 4F, 00, 85, 48, 70, 75, 08, E8, 11, D9, 00, 00, 89, 46, 04, 8B, 46, 08, F6, 40, 70, 02, 75, 14, 83, 48, 70, 02, C6, 46, 0C, 01, EB, 0A... 
[+]

Entropy:

7.9426 (probably packed)

Code size:

779.5 KB (798,208 bytes)

The file eroot_v1.3.4.exe has been seen being distributed by the following 50 URLs.

http://download2181.mediafire.com/jabc4pta5kug/.../Eroot_V1.3.4.exe

https://dc614.4shared.com/download/.../eroot_v134.exe

https://mega.nz/temporary/.../AxFTVaDJ

https://zima4d.storage.yandex.net/rdisk/74cb8a05f3fa4131ebd836d697a3d75430922e44aa32ebeb2cd2d5605b2df5e8/57e6045f/BlwP1W5qiS26geu8h08m8RcAFTVUquHy2BcsUJnXIH7YJO5L6WDDqWsozSZZMnMX9XLykwb9jHt2HZ8E76muOg==?uid=0&filename=Eroot 1.3.4.exe&disposition=attachment&hash=EJS1ZT/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2&rtoken=NM2r0MhzbgaR&force_default=no&ycrid=na-098f86aa62801d4944fa3a9181f0f3bf-downloader9h

https://mega.nz/temporary/.../9FwiCLwJ

https://downloader.disk.yandex.com/disk/a61eb0f585b182afe21dfed14f506a844d3ae32afce4363586c00cc6de55fdf8/5862ab45/BlwP1W5qiS26geu8h08m8RcAFTVUquHy2BcsUJnXIH7YJO5L6WDDqWsozSZZMnMX9XLykwb9jHt2HZ8E76muOg==?uid=0&filename=Eroot 1.3.4.exe&disposition=attachment&hash=EJS1ZT/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2

http://download2221.mediafire.com/at1g57clbblg/.../Eroot_V1.3.4.exe

http://dc705.4shared.com/download/.../eroot_v134.exe

https://downloader.disk.yandex.com/disk/f015245637fbe987e397da21762a0a761fa74fcd0287e1e649c39e0bb4144fb2/57dd1e24/BlwP1W5qiS26geu8h08m8RcAFTVUquHy2BcsUJnXIH7YJO5L6WDDqWsozSZZMnMX9XLykwb9jHt2HZ8E76muOg==?uid=0&filename=Eroot 1.3.4.exe&disposition=attachment&hash=EJS1ZT/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2

http://download1621.mediafire.com/s5835k8bxong/.../Eroot_V1.3.4.exe

http://sony.yt/index.php?app=core&module=attach&section=attach&attach_id=4179

http://download1363.mediafire.com/fn8d0lo9ovjg/.../Eroot_V1.3.4.exe

https://downloader.disk.yandex.com/disk/2ff596b66fdd36b8d794dfc3a59a2be25e998f055bec2f66f071bc57002b384a/57dcc8e0/BlwP1W5qiS26geu8h08m8RcAFTVUquHy2BcsUJnXIH7YJO5L6WDDqWsozSZZMnMX9XLykwb9jHt2HZ8E76muOg==?uid=0&filename=Eroot 1.3.4.exe&disposition=attachment&hash=EJS1ZT/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2

http://download1942.mediafire.com/vw6k5z77hl1g/.../Eroot_V1.3.4.exe

https://docs.google.com/uc?authuser=0&id=0B6pzwBlIcNfGa0pzMVI2TExfeDA&export=download

https://doc-0o-74-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/q949et06237rei9uq8kmuiaof9d062mj/1434556800000/04487971145044646929/.../0Bym9vRtKCENDTGg5clRCdlVuN1k?e=download

http://fileshare1270.depositfiles.com/auth-1477276064650d6415ee8e01810cd994-112.198.103.41-19582746-157213093-guest/.../eroot_v1.3.4.exe

https://downloader.disk.yandex.ua/disk/61b99318b486456e9ced6c6091f33a3ea9cc7da7eff51562a50eb45d30d2464a/58371d6f/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2

https://downloader.disk.yandex.com/disk/ee9eedba585df9085c44c4041c24b24c7184d232c9c9ffaa78706f1ba72c3c70/57ed6583/BlwP1W5qiS26geu8h08m8RcAFTVUquHy2BcsUJnXIH7YJO5L6WDDqWsozSZZMnMX9XLykwb9jHt2HZ8E76muOg==?uid=0&filename=Eroot 1.3.4.exe&disposition=attachment&hash=EJS1ZT/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2

http://download1078.mediafire.com/9ia9nhem98jg/.../Eroot_V1.3.4.exe

http://download1343.mediafire.com/gxua2x7n6gag/.../Eroot_V1.3.4.exe

http://download1276.mediafire.com/qao42hgvnsog/.../Eroot_V1.3.4.exe

chrome-extension://bigefpfhnfcobdlfbedofhhaibnlghod/persistent/.../iNUF0QBC

http://download1663.mediafire.com/9i90j269qreg/.../Eroot_V1.3.4.exe

https://downloader.disk.yandex.com/disk/09a3fd8fc0b3e30904d5671de6ae9c42ee8ee7ed3b4a0adb823e7b7c32661d94/57738859/BlwP1W5qiS26geu8h08m8RcAFTVUquHy2BcsUJnXIH7YJO5L6WDDqWsozSZZMnMX9XLykwb9jHt2HZ8E76muOg==?uid=0&filename=Eroot 1.3.4.exe&disposition=attachment&hash=EJS1ZT/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2

https://downloader.disk.yandex.com/disk/1d11a826664b742fe09d9aeea1cea9948a809e006c3d2e23b403db360f554219/57629808/BlwP1W5qiS26geu8h08m8RcAFTVUquHy2BcsUJnXIH7YJO5L6WDDqWsozSZZMnMX9XLykwb9jHt2HZ8E76muOg==?uid=0&filename=Eroot 1.3.4.exe&disposition=attachment&hash=EJS1ZT/.../x-msdownload&fsize=11678208&hid=6c8e98820ec4832be5953802a6b94a5b&media_type=executable&tknv=v2

https://mega.nz/persistent/.../vZ1z2aTY

https://drive.google.com/uc?id=0BwXdBX4GZdPVbFBEbEp4NENudTQ&export=download

temp:eroot_v1.3.4.exe

https://mega.nz/persistent/.../iNUF0QBC

Latest 30 of 70 download URLs

Scan eroot_v1.3.4.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.