home

fR6CTg.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.edgwaretown.co.uk.
MD5:
d5bad4fb8c9070af2b75b389a33c7711

SHA-1:
a9b725d5e607db319a050704083ff05b6f8a1d28

SHA-256:
c618f437396a202a7cce14a59f0cc826fe3f8dc9d3b1997d7b53eee35169f21c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:58:43 AM UTC  (today)

File size:
303 KB (310,272 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\fr6ctg.exe

File PE Metadata
Compilation timestamp:
6/16/2013 4:22:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:cnCD8A2mHtXF68dwcD6E1gJ+h7NAByc5+iUwxNgBLQlP:cnOPNFdJ56b5+n2NfP

Entry address:
0x1BEC

Entry point:
BE, 64, 20, 40, 00, 50, 8B, FC, A5, 2B, FF, 5E, 66, 81, FC, 00, FF, 72, 42, 68, 5E, 23, 40, 00, 83, 04, 24, C0, B8, 2C, 20, 40, 00, FF, 10, 03, F8, 1B, F7, B9, 00, 01, 00, 00, 0F, C9, 2B, F1, 76, 23, 8D, 48, 01, 13, 49, 3B, BB, 00, 05, 00, 00, 81, C1, DB, 00, 00, 00, 6A, 00, 5E, 81, DE, 1E, 23, 40, 00, F7, DE, 60, 39, 19, 72, 02, EB, 9C, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8567  (probably packed)

Code size:
3.5 KB (3,584 bytes)

The file fR6CTg.exe has been seen being distributed by the following URL.

http://www.edgwaretown.co.uk/fR6CTg.exe

Scan fR6CTg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.