» ts2bodyshopinstal_745.exe
Overview
Analysis
File Details
Downloads (6)

ts2bodyshopinstal_745.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.stockclearhead.com and multiple other hosts.

File name:

MD5:

7c50d85635a08035e81cdd02abee304e

SHA-1:

244667c90368843305b8b0287a6ca612f11342b6

SHA-256:

2bb4e13c68a216ae0126e91da51aa91bcdaf36128f7f6ef567baa3e050d5e94a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 5:17:11 AM UTC (today)

File size:

105.7 MB (110,839,469 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\ts2bodyshopinstal_745.exe

File PE Metadata

Compilation timestamp:

1/22/2004 1:36:06 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

3145728:k+MOd4QINkQVVDx6UFc+LDPLwL8X2HslagAO:NDB4kQVVDEcTTV2HslaPO

Entry address:

0x20A70

Entry point:

60, BE, 00, 60, 41, 00, 8D, BE, 00, B0, FE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75... 
[+]

Packer / compiler:

UPX 2.90LZMA]

Code size:

44 KB (45,056 bytes)

The file ts2bodyshopinstal_745.exe has been seen being distributed by the following 6 URLs.

http://www.stockclearhead.com/c?x=rOLTu4vTcXHtDjYjEtFT5q2qLvdm8N6L6fAmuJd9QU4=&c=Mm1AF4C1/n YDMwWf52zpvqKyeo4wd73n9ha8olN9pqYk JaTQBIaPWpe1GnI5Fz15iHLh r JNUeB8KkY32Ba5j0hnRW97phAqVA5d9pJPpuLZBB2XbAjXpgWZ A0NADzkinC6qklNBirTN8t jU3D4He3lBm8Fj zoG8Na6QQ=&e=0&downloadAs=the-sims-2-body-shop-07.45.exe&fallback_url=http://pf.benjaminstrahs.com/s/1463870504/en/5/.../52943-83392-the-sims-2-body-shop.exe

http://www.downloadpresentcity.com/r1WGg2G0iJ8euu9dDFM4eiMwsY0FUnqkdW8lZOYhOtWtOkI5FuJo2Xqn_V72qDOeBZyNsc54gk9w9Jp1d3 PGNNhoTYBlpGvrxS5c6O2V_xh OoN1aaf2wmuOPLjdooJ2gIPXrJDuD8_4cDRuJN8Fq3aOXM2DK396dgtsPu8cP565gWZwzTcb5vlsOAuWc69NzxtQ f1JeUY0BzmUIJbSDGmof3HSA==-GzEDAGQyN_D5yKQCFOYVS6jZrCfiMJED9rYYYj6JvTcOPFlj5GcRmEu89Wmb7dHWrnhPVngia7aKLFTTfQxfKqTzcCe5iJrvDhQNlogU9JncB4z3Pmv33unjWJ3XHP796Zkqq4MNTOpAenAs5uA2kyq8Qnqi1DffN_PVgq9CNkvjfyxfx1yeVYNlEyjnLReJUxA0mRdNwnIYTr3E3ffJy0qI1_zV43l7LJ6PWo4TdM0RPy_2W99SLeGXIiU0Mu ZnJi98aE1ZXSowjEsgfm 7A foro2l3YyHVrumN18yIMyDMNpN_by6K6iM7zTS7tNslQ387pP36ghuo5HWf9txbfTEO_ TF9fjvWZ8UQDLz_fOS0DTDGIysIdw2YB92RVRG0UVmzdthDHG_QQREYE2Fl30pRP0FiwH2OxKB9OPB 6WbUHzSJjz7GvluZudGj5EQR_O2VL9Ne3fCR_H_YO1ZLJHt3KbLmJfFkj0L2D72zwAdc3ATWM45wmKXygwYb04kbGmVKfamGHKWpNcZn0r9SK2CHzhfktO_PU_w4O1aemhpQpMt2QpvK88fh0C4dl4HlLDH_gjSOSfssXiEYetIqIVqa99JPW5pEYIeWEGGIgT_V8oPtciTldFGJZYtnnTs0l0fakvb5UKWDMZwKKcn_NBpEPm3Er0Q6DNyI769WSdcMuCnT625E8CuhjbKBAqVxVBomzqd2EK5WBwM5HIpcuAi14I6gioIcY

http://download2122.mediafire.com/fe37bw4zb8ug/.../The Sims 2 Body Shop.exe

http://download2122.mediafire.com/we9wv3i0f7gg/.../The Sims 2 Body Shop.exe

http://download2122.mediafire.com/jgt5j34rcbeg/.../The Sims 2 Body Shop.exe

http://pf.phpnuke.org/s/1388867347/en/5/.../52943-83392-the-sims-2-body-shop.exe

Scan ts2bodyshopinstal_745.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.