» rusroute_v1_9_4.exe
Overview
Analysis
File Details
Downloads (1)

rusroute_v1_9_4.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.rusroute.com.

File name:

rusroute_v1_9_4.exe

MD5:

71a5fa67eaf8ddb73296112a9e6d2005

SHA-1:

7a62857e66e080a33d8e49320591733660526f15

SHA-256:

332795ff0e9f8fb7fafe4f7e930f34162ddd0039620bf95ffe1c2ccb66deb1b2

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/8/2024 2:48:43 PM UTC (today)

File size:

15.1 MB (15,800,362 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\rusroute_v1_9_4.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

393216:tRV5xKprhtYeGTvXBqzQjUMoWahuqJOTGMTfourby:tpG1tmvRqzQ4trECqGMTfourW

Entry point:

8E, E8, 93, 00, 00, E8, 59, 42, 00, 00, 8D, 8E, 8C, 93, 00, 00, E8, 4E, 42, 00, 00, 8D, 8E, 30, 93, 00, 00, E8, 43, 42, 00, 00, 8D, 8E, D4, 92, 00, 00, E8, 38, 42, 00, 00, 8B, CE, 5E, E9, CB, B9, FF, FF, 80, 3D, 30, 08, 44, 00, 00, 8B, 44, 24, 0C, A3, 28, 08, 44, 00, 8B, 44, 24, 10, A3, 2C, 08, 44, 00, 8B, 44, 24, 14, A3, 24, 08, 44, 00, 74, 04, 33, C0, EB, 65, 80, 3D, 31, 08, 44, 00, 00, 74, 05, 33, C0, 40, EB, 57, 53, 55, 56, 8B, 35, 0C, A3, 42, 00, 57, BD, 4F, DB, 40, 00, BB, C8, A8, 42, 00, EB, 20, FF... 
[+]

The file rusroute_v1_9_4.exe has been seen being distributed by the following URL.

http://www.rusroute.com/.../download_2.cgi?rusroute_eng.exe

Scan rusroute_v1_9_4.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.