home

Moar Metals and Minerals Installer.exe

Installer

Product:
Installer

Description:
Skydaz Installer

Version:
1.0.0.0

MD5:
bd131d34825a65f89913cf8f03c71df6

SHA-1:
91ed0556b43bc98fe284af18e731d6ff19788256

SHA-256:
10cdece86e5056931bde9a8272d0e84913c16ac10d4fc10b4d0eebbeffbfb540

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 11:56:45 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0502
7.2.21

File size:
1.1 MB (1,164,800 bytes)

Product version:
1.0.0.0

Copyright:
Skydaz

Trademarks:
Skydaz Installers

Original file name:
Moar Metals and Minerals Installer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\moar metals and minerals installer.exe

File PE Metadata
Compilation timestamp:
12/19/2012 6:12:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:X+XXTUoCyLVrkhqI1xaCFnhLT5yOiLVrkhqI1xaCFnhLT5J:X+XXTUFyC1JuC1J

Entry address:
0xB32EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7388

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
709 KB (726,016 bytes)

The file Moar Metals and Minerals Installer.exe has been seen being distributed by the following URL.

http://www.skyworxz.com/downloads/.../Moar Metals and Minerals Installer.exe

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to www.softologic.com  (174.37.181.31:80)

TCP (HTTP SSL):
Connects to www.ibbalance.com  (173.192.190.227:443)

TCP (HTTP):
Connects to stats-182385724-1591972470.us-east-1.elb.amazonaws.com  (54.221.252.69:80)

Scan Moar Metals and Minerals Installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.