» stress_relief.exe
Overview
Analysis
File Details
Downloads (10)

stress_relief.exe

File name:

stress_relief.exe

MD5:

8abef55829fd0a826822f153d6f9cc66

SHA-1:

74438ff81b4348d5c96ef4a4a83dedac99cb32ed

SHA-256:

bdb0ab60e058dc1a70fc6a0f38996609d656ca8c605172077d8d19a4ef6ef337

Scanner detections:

3 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/16/2024 9:22:12 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAutoB

1.3.0.4924

Comodo Security

TrojWare.Win32.GameThief.Steam.s

17807

XVirus List

Win.Detected

2.3.31

File size:

1.2 MB (1,299,456 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\stress_relief.exe

File PE Metadata

Compilation timestamp:

5/12/2007 6:45:36 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:VhWN3RGZrPV/LuS7zkk2IDFG4ACLZL9Fh6LtNkjOQbbXHwM/b25QGE3zJUuEZZfQ:VhWxRGRiKXv/bGQGE3FUTf32suLg

Entry address:

0x92C0

Entry point:

55, 8B, EC, 83, E4, F8, 81, EC, 28, 01, 00, 00, 53, 55, 56, 57, FF, 15, 98, 30, 43, 00, 68, D8, 6F, 43, 00, A3, 54, 71, 43, 00, C7, 05, D8, 6F, 43, 00, 94, 00, 00, 00, FF, 15, 94, 30, 43, 00, 33, DB, 53, FF, 15, 90, 30, 43, 00, A3, 68, 72, 43, 00, FF, 15, E8, 30, 43, 00, 8D, 88, 1E, FB, FF, FF, 83, F9, 08, 77, 6C, FF, 24, 8D, BC, 99, 40, 00, B9, EE, 00, 00, 00, EB, 33, C7, 05, A0, 61, 43, 00, CC, 00, 00, 00, EB, 5C, 89, 1D, A0, 61, 43, 00, EB, 54, B9, A1, 00, 00, 00, EB, 18, B9, A2, 00, 00, 00, EB, 11, C7... 
[+]

Entropy:

6.7707

Code size:

200 KB (204,800 bytes)

The file stress_relief.exe has been seen being distributed by the following 10 URLs.

http://download1979.mediafire.com/3j6muj9kgiyg/.../desktop.exe

http://download1979.mediafire.com/gksn4xwq63ag/.../Rompe el Escritorio.exe

http://lb.cdn.m6web.fr/d/c/a/edb1d0d62205b157f75ea4fd6d447672/570fcfc3/soft/.../stress-reducers_stress_reducers_1.0_anglais_253124.exe

https://files.itslearning.com/File/Download/GetFile.aspx?FileName=kapot maken.exe&Path=gg2oLA4gZ6hqeOPOYWIyo N2zzIm0mApzSQtH6ipdOp1Zayt6qRIp fuMVa2uBniAjiSaQmGZN23xKEeAxBrRADR3D9hCw55F/C66OjYCwhn0gqRl10aUUR8yvXymCaUtwAQ2ncNZSCs9eoaCGam8Kbbz70TfGqFBVCUKOpM3qY=&MimeType=application/.../ZEZ19Fpscfjdld5kbrbOURbDCtMe4PamxZvxD6Gjx940QQMphnoNe4MrVxbDKaMIWyeoUqmDbK9Or8ro0uEXNks tHBrDPEMN ijaiMuG4xxJYtMPhrji7CKwjM9r r4=

http://lb.cdn.m6web.fr/d/c/a/bee818ce316772f1891967ebbe08e260/581af86f/soft/.../stress-reducers_stress_reducers_1.0_anglais_253124.exe

http://mystressmanagement.net/stress-reducer-desktop-destroyer.exe

http://lb.cdn.m6web.fr/d/c/a/ec0adf642095ee3f3db16cb5a78c5acc/5497c199/soft/.../stress-reducers_stress_reducers_1.0_anglais_253124.exe

http://download1137.mediafire.com/948at217hgug/.../Rompe el Escritorio.exe

https://evanwidloskiprograms.googlecode.com/.../stress-reducer-desktop-destroyer.exe

http://www.mystressmanagement.net/stress-reducer-desktop-destroyer.exe

Scan stress_relief.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.