movie1080p.mkv.exe

The executable movie1080p.mkv.exe has been detected as malware by 4 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from pigfemdomorgyreality.de.
MD5:
ebb031ef5574a853bc27ca6775943ea8

SHA-1:
de008f7bd2f88327b9a8166fa82876605827938d

SHA-256:
b6420f41e69aa5a2e70166c8fcfbaeb51f060397e6cb5e13a743493815879fd8

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
4/24/2024 10:11:26 PM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | Trojan/Win32.Zbot | 2013.08.24
Comodo Security | Heur.Packed.Unknown | 16812
Kaspersky | Trojan-Ransom.Win32.Foreign | 14.0.0.3768
Malwarebytes | Trojan.FakeAlert.ED | v2013.08.24.01

File size:
62.5 KB (64,000 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\movie1080p.mkv.exe

File PE Metadata
Compilation timestamp:
8/23/2013 3:14:00 AM

OS version:
4.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:LL0C8exR7dTtzWC0vlXQg8YBqHrYi9tFKLMSFd:cC82rtz4NAsYH99mMQ

Entry address:
0x1000

Entry point:
60, 83, F7, 01, 83, E6, 01, 83, E0, 0C, 8B, EC, E8, 00, 00, 00, 00, 58, 66, 33, C0, BE, 00, 60, 40, 00, 81, EE, 00, 00, 40, 00, 03, F0, BF, 48, 30, 40, 00, 81, EF, 00, 00, 40, 00, 03, F8, 8B, 44, 24, F4, 83, F8, 00, 74, 10, 3D, 08, 04, 00, 00, 74, 09, 83, F8, 01, 74, 04, CC, C3, 33, C0, 68, 04, 01, 00, 00, 56, 8B, 9F, F4, 01, 00, 00, FF, D3, E8, 6E, 00, 00, 00, FF, B7, 70, 01, 00, 00, FF, 14, 24, FF, B7, 80, 01, 00, 00, 6A, 00, 68, 80, 00, 00, 00, 6A, 03, 6A, 00, 6A, 01, 68, 00, 00, 00, 80, 56, FF, 54, 24...

Entropy:
7.6432

Code size:
8 KB (8,192 bytes)

The file movie1080p.mkv.exe has been seen being distributed by the following URL.
