home

newsferret.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.newrainbowbridge.com.
MD5:
dc1251ff4a6679880a53b5f6ede8c18a

SHA-1:
58a3feead6c2bbafa70d129a602793891c244dc5

SHA-256:
966a7a465f37564df6f9d79b3ef1c2ed3fa3d1cb2f8c0d9f8c17c5b6c7953293

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 7:12:49 PM UTC  (today)

File size:
996 KB (1,019,904 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\newsferret.exe

File PE Metadata
Compilation timestamp:
11/4/2032 10:20:33 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:dXt6Oh5NZ7QiNxUQpEXvASj+jsFvbgt3NK:P6a5nxUnYeFstd

Entry address:
0x1000

Entry point:
A1, 5A, 40, 41, 00, C1, E0, 02, A3, 5E, 40, 41, 00, 57, 51, 33, C0, BF, 98, DC, 41, 00, B9, 9C, E0, 41, 00, 3B, CF, 76, 05, 2B, CF, FC, F3, AA, 59, 5F, 64, 67, 8B, 16, 04, 00, 89, 15, 6E, 40, 41, 00, 8B, 42, F8, A3, 66, 40, 41, 00, 8B, 42, FC, A3, 6A, 40, 41, 00, 83, EA, 04, 89, 15, EC, DD, 41, 00, 83, EA, 04, 3B, D4, 73, 02, 8B, E2, 6A, 00, E8, D3, D5, 00, 00, 59, 68, 2C, 40, 41, 00, 6A, 00, E8, 98, 26, 01, 00, A3, 62, 40, 41, 00, 6A, 00, E9, AC, 1B, 01, 00, E9, 97, D6, 00, 00, 00, 00, 00, 55, 8B, EC, 6A...
 
[+]

Entropy:
7.6848

Code size:
74.5 KB (76,288 bytes)

The file newsferret.exe has been seen being distributed by the following URL.

http://www.newrainbowbridge.com/.../newsferret.exe

Scan newsferret.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.