home

freeyt-dlm_freeyt-dlm_setup_eng.exe

DownloadGuide

The executable freeyt-dlm_freeyt-dlm_setup_eng.exe has been detected as malware by 3 anti-virus scanners. The file has been seen being downloaded from freeyt-dlm.s3.amazonaws.com.
Product:
DownloadGuide

Version:
1.3.1.465

MD5:
8cc0edbc3e8f31ca64dd4a980e4eff62

SHA-1:
ae134dc0f9c043bbeb9c3990a0481ccfda8a5ba1

SHA-256:
5f2da4f4d3079675d5bd9b9ba8bd852c786571f2679d06b1ccc55a445f9c722a

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/26/2024 2:40:29 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.DownLoader9.16196
9.0.1.0326

ESET NOD32
MSIL/DownloadGuide (variant)
8.9456

VIPRE Antivirus
Immanitas Entertainment GmbH
26722

File size:
435 KB (445,424 bytes)

Product version:
1.3.1.465

Copyright:
Copyright © 2012

Original file name:
in.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\freeyt-dlm_freeyt-dlm_setup_eng.exe

File PE Metadata
Compilation timestamp:
6/18/2013 8:12:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:oTM7398FBpchjLGrAPfl9d9ELMrZc7S3lkr/PflYd9ALMrZcXSbSy:oy8Nc1YAXjd9ELMu7D/Xud9ALMuXxy

Entry address:
0x4507B

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.9307

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
268.5 KB (274,944 bytes)

The file freeyt-dlm_freeyt-dlm_setup_eng.exe has been seen being distributed by the following URL.

http://freeyt-dlm.s3.amazonaws.com/publisher/.../freeyt-dlm_freeyt-dlm_setup_Eng.exe

Remove freeyt-dlm_freeyt-dlm_setup_eng.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.