home

theword-setup-dyna.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.theword.net.
MD5:
15696c44f6957bda6e0b2fca3ff6865c

SHA-1:
18ff0f6e736def885d0b9cba7f7f26824ef0399d

SHA-256:
1229bb9f513fa3589788a604f78ab42bdd8405d978004777ac1cd4c4b00db4d8

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/20/2024 12:03:51 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/DH
2016.0.3136

F-Secure
Trojan.Injector.BHY
5.13.68

File size:
1.7 MB (1,830,228 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\theword-setup-dyna.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:pNH0E215LuVWiz7T7b8RGJl8XxSIMugW0Kv8fxCgLQfk0Bdn328K2bUPPw4Lmcp:vHM69VJlfulJf84328OPPNdp

Entry address:
0x13894

Entry point:
55, 8B, EC, 83, C4, F0, B8, 14, 38, 41, 00, E8, 38, 24, FF, FF, 33, C0, A3, 7C, 58, 41, 00, C7, 05, 80, 58, 41, 00, 58, 37, 41, 00, 33, C0, A3, 84, 58, 41, 00, 33, C0, A3, 88, 58, 41, 00, A1, 8C, 58, 41, 00, A3, 8C, 58, 41, 00, 68, 0C, 3B, 41, 00, A1, 8C, 58, 41, 00, 50, E8, 9B, 26, FF, FF, A3, 90, 58, 41, 00, 68, 00, 7F, 00, 00, 6A, 00, E8, 82, 26, FF, FF, A3, 94, 58, 41, 00, C7, 05, 98, 58, 41, 00, 10, 00, 00, 00, 33, C0, A3, 9C, 58, 41, 00, B8, 18, 3B, 41, 00, A3, A0, 58, 41, 00, 68, 7C, 58, 41, 00, E8...
 
[+]

Entropy:
7.9280

Developed / compiled with:
Microsoft Visual C++

Code size:
75.5 KB (77,312 bytes)

The file theword-setup-dyna.exe has been seen being distributed by the following URL.

http://www.theword.net/files/.../getmulti.php?multifilesep=|&f1=kjv.ont.exe

Scan theword-setup-dyna.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.