twitter_hack_elite.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from wordpress.org and multiple other hosts.
MD5:
3c85af5778345e3541eb58da716bb2c2

SHA-1:
e48b86ba46ff44493b6363c1ef938a0723c780eb

SHA-256:
ffaeb6e2a5e97257946652a8adbf98c356bc45440ea55dd2e192cb2703c7baeb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/22/2018 12:06:22 AM UTC  (today)

File size:
5.2 MB (5,437,330 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\twitter_hack_elite.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
98304:PWNI23fHOhr2hTcb2/eRoW2Bzy1eWtwqC2rqVQLN+E5NtZBeio5rVC6:eNINKhgbEeRoW2Bk/zuiLd5SioJw6

Entry point:
50, 4B, 03, 04, 0A, 00, 00, 00, 00, 00, 98, 82, 8B, 41, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0A, 00, 15, 00, 77, 6F, 72, 64, 70, 72, 65, 73, 73, 2F, 55, 54, 09, 00, 03, 5F, 5D, C7, 50, 5D, 5D, C7, 50, 55, 78, 04, 00, 21, 00, 21, 00, 50, 4B, 03, 04, 14, 00, 02, 00, 08, 00, 8E, 3B, A6, 40, 67, 6F, 98, 9E, 6B, 1C, 00, 00, D9, 4D, 00, 00, 15, 00, 15, 00, 77, 6F, 72, 64, 70, 72, 65, 73, 73, 2F, 6C, 69, 63, 65, 6E, 73, 65, 2E, 74, 78, 74, 55, 54, 09, 00, 03, 1C, 28, A6, 4F, 5F, 5D, C7, 50, 55, 78, 04...
 
[+]

Entropy:
7.9885  (probably packed)

The file twitter_hack_elite.exe has been seen being distributed by the following 2 URLs.

https://wordpress.org/wordpress-3.5.zip

Scan twitter_hack_elite.exe - Powered by Reason Core Security