» regassassin-setup-1.03.exe
Overview
Analysis
File Details
Programs (1)
Downloads (12)

regassassin-setup-1.03.exe

Malwarebytes' RegASSASSIN

Malwarebytes

This is installed with FileASSASSIN. The file has been seen being downloaded from downloads.malwarebytes.com and multiple other hosts.

File name:

regassassin-setup-1.03.exe

Publisher:

Malwarebytes (signed and verified)

Product:

Malwarebytes' RegASSASSIN

Version:

1.00.0003

MD5:

21f602ea1cb607661049acfeef0280d8

SHA-1:

a2ea8c180db212005fd9f2b4d0ba29015888c27c

SHA-256:

096d07e22ead3fb993f0f2bc4224c3f5e1b6d5b452018eeb403db7e29304b19e

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 8:11:27 PM UTC (today)

File size:

63.7 KB (65,232 bytes)

Product version:

1.00.0003

Original file name:

RegASSASSIN.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

Malwarebytes

Authority:

The USERTRUST Network

Valid from:

8/21/2007 10:00:00 AM

Valid to:

8/21/2008 9:59:59 AM

Subject:

CN=Malwarebytes, O=Malwarebytes, STREET=147 Henderson St., L=Bensenville, S=IL, PostalCode=60106, C=US

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

407D5F641FB1E3712CA97E98D68AF0CB

File PE Metadata

Compilation timestamp:

1/10/2008 11:02:39 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

768:MqgdaAjO8r3r0TWGfdvUaAf8ezoS/DVldV2:mwAjO80TWGfqZ8LQDVlds

Entry address:

0x1798

Entry point:

68, 18, 19, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 58, 00, 00, 00, 40, 00, 00, 00, AB, C1, 40, 07, D0, BE, 29, 40, 94, 96, 6C, B6, 12, C7, FC, 0B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 30, 30, 30, 32, 30, 34, 52, 65, 67, 41, 53, 53, 41, 53, 53, 49, 4E, 00, 2D, 43, 30, 30, 52, 65, 67, 69, 73, 74, 72, 79, 20, 6B, 65, 79, 20, 72, 65, 6D, 6F, 76, 65, 72, 00, 23, 2E, 2E, 00, 00, 00, 00, 01, 00, 03, 00, 44, 2B, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00... 
[+]

Entropy:

4.8062

Developed / compiled with:

Microsoft Visual Basic v5.0/v6.0

Code size:

44 KB (45,056 bytes)

The file regassassin-setup-1.03.exe has been discovered within the following program.

FileASSASSIN by Malwarebytes Corporation

Publisher's description - “FileAssassin can delete locked malware files on your system. It uses advanced techniques to unload modules, close remote handles, and terminate processes to allow the removal of the file. Simply download FileAssassin, unzip the file, and run the installer.”

www.malwarebytes.org

5% remove it

The file regassassin-setup-1.03.exe has been seen being distributed by the following 12 URLs.

https://downloads.malwarebytes.com/.../regassassin

http://downloads.malwarebytes.com/.../regassassin

http://files.downloadnow.com/s/software/10/79/70/.../RegASSASSIN.exe

https://data-cdn.mbamupdates.com/.../regassassin-setup-1.03.exe

https://downloads.malwarebytes.org/.../regassassin

http://www.malwarebytes.org/RegASSASSIN.exe

http://it.malwarebytes.org/RegASSASSIN.exe

http://www.pendriveapps.com/goto/HERE/.../2

http://www.pendriveapps.com/wp-content/plugins/link-cloaking-plugin/wplc_redirector.php?post_id=297&link_num=2&cloaked_url=goto/HERE/.../2

http://software-files-a.cnet.com/s/software/10/79/70/.../RegASSASSIN.exe

http://downloads.malwarebytes.org/.../regassassin

http://data-cdn.mbamupdates.com/v1/tools/regassassin/.../regassassin-setup-1.03.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.