gerador de rp 2016.exe

This is a setup program used to install the application. The file has been observed being downloaded from dc594.4shared.com.

MD5:
e9c9d34b1f352e98f630ab0e8bf4886a

SHA-1:
004bf993ee69f13c0010899b8b20a2c84382184b

SHA-256:
66b45885db1226ea23887a86d01cff07cce136e8c0139068b75a1a07fb4120dd

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 11:29:05 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | MSIL/PSW.Agent.ONZ trojan | 8.0.319.0

File size:
207.9 KB (212,870 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\gerador de rp 2016.exe

File PE Metadata
Compilation timestamp:
5/8/2016 1:55:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:2mkWpG/Uib5p/71rUYpIqF8mAfZ+Dqmoyz5BSrLSbHEMeTad/e6T2Xm:2Mp2Uiz71rU1qF/KVRyqCwMwad/Sm

Entry address:
0x351EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D8, C6, 2E, 57, 00, 00, 00, 00, 02, 00, 00, 00, 82, 00, 00, 00, 1C, 60, 03, 00, 1C, 36, 03, 00, 52, 53, 44, 53, 74, B8, 77, BA, E0, D3, 60, 4A, 85, 90, 78, E2, 15, F2, 51, 73, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 4C, 75, 63, 61, 73, 5C, 41, 70, 70, 44, 61, 74, 61, 5C, 4C, 6F, 63, 61, 6C, 5C, 54, 65, 6D, 70, 6F, 72, 61, 72, 79, 20, 50, 72, 6F, 6A, 65, 63, 74, 73, 5C, 57, 69, 6E, 64, 6F, 77, 73, 41, 70, 70...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
204.5 KB (209,408 bytes)

The file gerador de rp 2016.exe has been seen being distributed by the following URL.
