khushwant_singh_novels_downloader.exe

The executable khushwant_singh_novels_downloader.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from dn.yourfiledownloader.com, a web site host known to distribute potentially unwanted software, operated by Via Advertising Group Limited.
MD5:
d103c71cdcb4c19624838be197459ccd

SHA-1:
98e25ef6b445c23d0ea99bf83093d5fe7cf9816e

SHA-256:
f6c68afb1d18ffbf78f0f00ac2add1081c4c4efe57dec04c81e0fe89851faf49

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/20/2024 2:35:08 AM UTC

Scan engine:
Reason Heuristics

Detection:
(M)

Engine version:
16.6.5.12

File size:
1.8 MB (1,937,711 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\khushwant_singh_novels_downloader.exe

File PE Metadata
Compilation timestamp:
12/16/2014 9:25:31 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:mhhAggTl4bhp69HWpMiFon+3jpDwo6VKAyoPwveSBxtK8:GjgTqdp6tWpF6+3dwo6VuoMe8F

Entry address:
0x3F6153

Entry point:
54, 9C, 9C, C7, 44, 24, 08, 45, 7D, 65, 69, 60, C7, 44, 24, 24, 7B, 22, 0C, 44, 54, C6, 04, 24, CC, 9C, 8D, 64, 24, 2C, E9, 82, A1, 35, 00, 66, 0F, BA, E0, 06, 9C, 83, F9, 07, E9, 56, CB, FF, FF, 00, 00, 47, 65, 74, 4D, 6F, 64, 75, 6C, 65, 46, 69, 6C, 65, 4E, 61, 6D, 65, 41, 00, 02, E1, 1C, 2C, 2A, 90, 6F, CA, 17, 42, CD, 26, EC, 35, 86, 55, 72, A1, 7A, 89, 7A, 41, 56, 6D, 36, E5, A7, 2E, E1, 0A, D5, 56, E9, 12, C8, 98, 24, EC, EE, B6, 83, 93, E0, 99, CD, B4, 33, 38, F6, 0A, EB, 86, EE, 44, 25, 2C, 07, 2F...
 

Entropy:
7.9986  (probably packed)

Code size:
785 KB (803,840 bytes)

The file khushwant_singh_novels_downloader.exe has been seen being distributed by the following URL.
