home

update.zip

The file update.zip has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from dc437.4shared.com and multiple other hosts.
MD5:
d9a79c2222972a795c9877bbe1c43f2a

SHA-1:
9b905df8f74bf84b5e83acf04ac6514f607c0543

SHA-256:
0552d7c0c8911b0a971dd8bcc6b35b4fe9331f56095c3df5f7da2d6c47e32721

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/16/2024 9:24:14 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
(M)
16.6.6.18

File size:
1.2 MB (1,288,661 bytes)

Common path:
C:\users\{user}\downloads\update.zip

The file update.zip has been seen being distributed by the following 5 URLs.

http://dc437.4shared.com/download/.../galaxy_y.zip?tsid=20151130-124530-873e3d70&sbsr=50f465b28ed932e0cb9ad698c503bfab95b&lgfp=2000

http://cdnfiles.4shared.com/web/cdn/popular/download/7PCwnT_e?contDisp=attachment; filename="galaxy y.zip"; filename*=utf-8''galaxy y.zip&contType=APPLICATION/.../

http://dc437.4shared.com/download/.../galaxy_y.zip?tsid=20160706-205627-d84f5113&sbsr=5ceee54a95c2816e4d334a6b03eefe8e97a&lgfp=2000

http://cdnfiles.4shared.com/web/cdn/popular/download/7PCwnT_e?contDisp=attachment; filename="galaxy y.zip"; filename*=utf-8''galaxy y.zip&contType=APPLICATION/.../

http://cdnfiles.4shared.com/web/cdn/popular/download/7PCwnT_e?contDisp=attachment; filename="update.zip"; filename*=utf-8''update.zip&contType=APPLICATION/.../

Remove update.zip - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.