home

fileextractorsetup.exe

This is a setup and installation application. The file has been seen being downloaded from friedcookie.com.
MD5:
ee8d7482d09c4e1de72bc4a410f85de5

SHA-1:
255880517ee4e867415618ae9a99f6049cf1bb4a

SHA-256:
48013e6713dfb22b6ce72648bae39edfd9175c2883941578e16df3ef1793e9fb

Scanner detections:
6 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 11:20:54 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6379

Comodo Security
Packed.Win32.MUPX.Gen
21631

Norman
Gen:Variant.Kazy.253218
11.20150402

Qihoo 360 Security
Win32/Trojan.cc5
1.0.0.1015

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.15331

Trend Micro House Call
Suspicious_GEN.F47V0403
7.2.126

File size:
657.5 KB (673,272 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\fileextractorsetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 10:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:85rBiEKzFPBEVD5rBiEKzFPBEVLdYtUQ0oq7w6lV6qw/2D4J6reP2QUfw:81BtiPqD1BtiPqLtpoq7Hlpw/2D4JF

Entry address:
0x13B7E0

Entry point:
FF, FC, 62, C6, 06, 16, 1C, DB, 50, 20, 9B, DC, A8, 2E, 56, 65, 20, 65, 30, 3B, AD, EF, 38, 49, 84, E3, BC, FF, BF, E3, FF, BA, F7, A7, 69, F0, 8E, 2F, C1, 7E, A7, 67, 74, 8E, D9, 62, 93, B4, 10, 3C, 2A, 93, B0, FB, 2A, 29, 37, FA, FF, FF, FF, 40, 9C, 2A, 95, B2, 80, 68, A0, 56, C3, 37, 29, DE, 04, AB, 90, DD, AB, CF, 23, 9C, 43, 16, 5A, FF, 89, 87, E8, 86, FF, FF, 0A, 19, 3C, 26, 92, 3E, EB, D1, 0F, 99, 9A, 91, 07, A2, 56, 20, 92, 7A, A1, FA, FF, FF, FF, 2B, 93, EF, DF, 45, 84, 4C, AD, 58, D5, 16, BC, D0...
 
[+]

Entropy:
7.9431  (probably packed)

Code size:
624 KB (638,976 bytes)

The file fileextractorsetup.exe has been seen being distributed by the following URL.

http://friedcookie.com/.../file-extractor

Scan fileextractorsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.