» malha fina.exe
Overview
Analysis
File Details
Downloads (3)

malha fina.exe

Mep Installer

Malha Fina

This is a self-extracting archive and installer. The file has been seen being downloaded from 65059318.r.msn.com and multiple other hosts.

File name:

malha fina.exe

Publisher:

Malha Fina

Product:

Mep Installer

Description:

Malha Fina Setup

Version:

2.1.3.0

MD5:

a5616ab72f8280f67bf3ab592af4f22d

SHA-1:

a9ca4f8bd00dc7b2d1300d247b5758d6ebc778dd

SHA-256:

2a8d0cee6310789f413e775addc43b50048dfa18956b0f59aba46b66e101f899

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

5/21/2024 7:56:37 AM UTC (today)

Scan engine

Detection

Engine version

F-Prot

W32/Banload.AWY

4.6.5.141

File size:

1.1 MB (1,154,330 bytes)

Product version:

2.1.0.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\malha fina.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:Mgz20/plpUoWvM/O/RE3Hm+2zn8YW5NsBp://BUo5gE2+2rSH6

Entry address:

0xC3D4

Entry point:

55, 8B, EC, B9, 09, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, F4, C2, 40, 00, E8, 27, 8E, FF, FF, BE, F4, EE, 40, 00, 33, C0, 55, 68, B5, CA, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5E, CA, 40, 00, 64, FF, 32, 64, 89, 22, A1, D4, E4, 40, 00, E8, D8, FD, FF, FF, E8, 8B, F9, FF, FF, 8D, 55, F0, 33, C0, E8, FD, CF, FF, FF, 8B, 55, F0, B8, E8, EE, 40, 00, E8, 7C, 70, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, EE, 40, 00, B2, 01, A1, 1C, 9A, 40, 00, E8, 7C, D6, FF, FF, A3, EC, EE, 40... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

47 KB (48,128 bytes)

The file malha fina.exe has been seen being distributed by the following 3 URLs.

http://65059318.r.msn.com/?ld=d3eHsocn9-fPZ55xMEJyfSnzVUCUyfgUUtKd8KWtqHjfv7eHRi1o7Nm0saHLoprLkgHq6HWYaItmxzeixO1JprjH5XFRPEZcTxZr-xDSPK28rxoy1R3DPnk6IAKX770nPR7VBB2d12JGXm1Tih80RjyPOprrE&u=g1globobrasil.com

http://ccs.infospace.com/ClickHandler.ashx?ld=20160322&app=1&c=dealwifi3&s=dealwifi&rc=DealWifi3&dc=&euip=189.106.173.107&pvaid=26cca63f27f1419db533d5447b428d7d&dt=Desktop&fct.uid=bc9c4c37f06d4ce986ed0654419bb87a&en= I14PArAkOdlzxFj5XUR3iRlJZuTDOSOYQGmJubPUSMWMZ6TDH6v6V3DtAgZM2l3&du=g1.globo.com&ru=http://r.search.yahoo.com/cbclk/dWU9NzM4NTJBRTMyMkVGNDI0QyZ1dD0xNDU4NjA3MDQ1NTE0JnVvPTExMzc2OTgyMjQ1Jmx0PTI-/RV=2/RE=1458635845/RO=10/RU=http://65059318.r.msn.com/?ld=d3nRFolYpV_hj_7InUOC9DhjVUCUxD6I3PDFX1DDmdfnK3zH_kuU6onNj220GxSwVXlP-JKp1oQIGpbBCsXm860-jD3LwS4ot4F2Il4_BHOR1oZ_YQiYes5taMjFNfcclcWHsG7eITe757D07JDpf81yfgs28&u=g1globobrasil.com/.../RS=mxqIyTasxKxQACbmA0FnDIM.JoI-&ap=2&coi=239134&cop=topnav&npp=0&p=1&pp=2&ep=2&mid=9&hash=AD05FB9F293FEFBAC08E24186F00D2B4

http://ccs.infospace.com/ClickHandler.ashx?ld=20160322&app=1&c=dealwifi3&s=dealwifi&rc=DealWifi3&dc=&euip=177.133.148.217&pvaid=f2d7f64fb5e945fbb9822913287ac65c&dt=Desktop&fct.uid=5bc8c6a60113441a92a63a313cba5cf6&en= I14PArAkOdlzxFj5XUR3iRlJZuTDOSOYQGmJubPUSMWMZ6TDH6v6V3DtAgZM2l3&du=g1.globo.com&ru=http://r.search.yahoo.com/cbclk/dWU9Q0I3NTcwQUM4ODlBNEYwOCZ1dD0xNDU4NjA5Mjg2NzEzJnVvPTExMzc2OTgyMjQ1Jmx0PTI-/RV=2/RE=1458638086/RO=10/RU=http://65059318.r.msn.com/?ld=d3zXjIQjJ1LuVm1gR3u7X87jVUCUygFnW-ZMt_OdFcLWIoEDpiA-ETV3c9BNbvJJGj7I5Xm_XeHk0RmJUhkA8p6AxmaUtJyKj_rX-_q5ETHc5E_oOZ2upECF3Gfo7YaycOvjRjNbnx6Dvj_IDOkN0F0dzNpfA&u=g1globobrasil.com/.../RS=BU.tivxdkBRC0uB0ccmqPO6G_4c-&ap=1&coi=239134&cop=topnav&npp=0&p=1&pp=1&ep=1&mid=9&hash=1586907B8A9D3883905EB018E34BFB20

Scan malha fina.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.