home

osbuddy.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from rsbuddy.com.
MD5:
7b48d5fc5aa19c41b7bb15d5d495f4f3

SHA-1:
83575e575f94e2b9d030339e3a3351f10059a609

SHA-256:
976ec4274325312cb0b90188b8c9712cecf69f69f26983517a0fa837d2670ddb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 2:42:34 AM UTC  (today)

File size:
258.1 KB (264,293 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\osbuddy.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:oV+WRIoFv5hVtdf1TEtizNn1L9yckxaJKsZewJ4+p3Th:M+0jTEtiz9yckxaJKlKX3V

Entry point:
50, 4B, 03, 04, 14, 00, 08, 08, 08, 00, 9B, 8C, E2, 46, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 14, 00, 00, 00, 4D, 45, 54, 41, 2D, 49, 4E, 46, 2F, 4D, 41, 4E, 49, 46, 45, 53, 54, 2E, 4D, 46, 8D, 7C, C7, AE, EC, CA, B1, E5, 5C, 80, FE, E1, CD, 09, 89, A6, 58, 34, 0F, 68, A0, E9, 8B, BE, 48, 16, ED, A4, C1, A2, F7, DE, 7E, 7D, 6F, BD, AB, 81, 70, 2F, D9, BD, 07, C7, 0C, CE, 5E, C1, 8C, 8C, 5C, B1, 22, 32, F2, A8, 61, 5B, A4, C9, 34, FF, C3, 49, C6, A9, E8, DA, FF, FE, 2F, F8, 9F, D0, DF, FF, A6, 86...
 
[+]

Entropy:
7.8960  (probably packed)

The file osbuddy.exe has been seen being distributed by the following URL.

https://rsbuddy.com/.../download?iaccept=true&fileFormat=exe

Scan osbuddy.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.