movie1080p.mkv.exe

The executable movie1080p.mkv.exe has been detected as malware by 4 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from groupticklingdopedrug.de.
MD5:
4d8d1053c053afaf3aa015e1fb3fc7d7

SHA-1:
870f2aa77746115745fc070d07f49a737964c338

SHA-256:
8cf96bd38dd621da02db037d310434ebfba36600cc83edc4524d359de2e76c7b

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
4/25/2024 11:33:13 AM UTC

Scan engine          Detection                     Engine version
AhnLab V3 Security   Trojan/Win32.Zbot             2013.08.24
Comodo Security      Heur.Packed.Unknown           16812
Kaspersky            Trojan-Ransom.Win32.Foreign   14.0.0.3773
Malwarebytes         Trojan.FakeAlert.ED           v2013.08.24.02

File size:
62.5 KB (64,000 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\movie1080p.mkv.exe

File PE Metadata
Compilation timestamp:
8/23/2013 3:14:00 AM

OS version:
4.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:LL0C8exR7dTtwHC0vlXQg8YBqHrYi99FKLMSFd:cC82rtwDNAsYH99WMQ

Entry address:
0x1000

Entry point:
60, 83, F7, 01, 83, E6, 01, 83, E0, 0C, 8B, EC, E8, 00, 00, 00, 00, 58, 66, 33, C0, BE, 00, 60, 40, 00, 81, EE, 00, 00, 40, 00, 03, F0, BF, 48, 30, 40, 00, 81, EF, 00, 00, 40, 00, 03, F8, 8B, 44, 24, F4, 83, F8, 00, 74, 10, 3D, 08, 04, 00, 00, 74, 09, 83, F8, 01, 74, 04, CC, C3, 33, C0, 68, 04, 01, 00, 00, 56, 8B, 9F, F4, 01, 00, 00, FF, D3, E8, 6E, 00, 00, 00, FF, B7, 70, 01, 00, 00, FF, 14, 24, FF, B7, 80, 01, 00, 00, 6A, 00, 68, 80, 00, 00, 00, 6A, 03, 6A, 00, 6A, 01, 68, 00, 00, 00, 80, 56, FF, 54, 24...
 

Entropy:
7.6433

Code size:
8 KB (8,192 bytes)

The file movie1080p.mkv.exe has been seen being distributed by the following URL.
