NewCoup Client.exe

This is a setup program used to install the application. The file has been seen being downloaded from goo.gl.

Version:
1.0.0.0

MD5:
b17a80b34ef2ae0ffb3cd2df3053732a

SHA-1:
eb2ce144a4788db5065030449479361c088c9640

SHA-256:
4fd8d28e0b514552685ff867707848bdb36c39ca5bee8f3b3fb5ae157c9c94c8

Scanner detections:
7 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
4/25/2024 11:58:23 PM UTC

Scan engine | Detection | Engine version
Baidu Antivirus | Hacktool.MSIL.Confuser | 4.0.3.15223
ESET NOD32 | MSIL/Packed.Confuser.N suspicious (variant) | 9.11197
K7 AntiVirus | Trojan | 13.196.15011
McAfee | Artemis!B17A80B34EF2 | 5600.6846
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015
Sophos | Mal/MSIL-LL | 4.98
Trend Micro House Call | Suspicious_GEN.F47V0217 | 7.2.54

File size:
402 KB (411,648 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Razer 2014

Original file name:
NewCoup Client.exe

File type:
Executable application (Win32 EXE)

Language:
Swedish (Sweden)

Common path:
C:\users\{user}\downloads\newcoup client.exe

File PE Metadata
Compilation timestamp:
2/16/2015 6:29:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:WsS6CcF+S1gYcMI4u9xRVimR+r8ktrR5prS6D5:Wyg5AI7xs

Entry address:
0x6A00A

Entry point:
FF, 25, 00, A0, 46, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Code size:
50 KB (51,200 bytes)

The file NewCoup Client.exe has been seen being distributed by the following URL.
