home

vibropad.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from ctosem.ru.
MD5:
ee13c0fcf53c583e128e754930376d3f

SHA-1:
91807bd25a356d1e5aa58c254e206a2e57779800

SHA-256:
d575f336a897423e7262a26337dfea8a239de3f8c03a34fbf443bab6836933f7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/14/2024 6:46:50 AM UTC  (today)

File size:
914.5 KB (936,448 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
1/4/2014 1:13:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:ZZf3ZknP1eDy3lWPqsyXPPzV70GIBPmhjy3HhNyF5e+d2ID/f3Zl4sR8/iE3Eu6g:9knP1eDy3lWPqsyXPPzV70GIBPmhjy3P

Entry address:
0x22993

Entry point:
FF, 25, 00, 80, 44, 00, 00, 00, 00, 03, 30, 01, 00, 0B, 00, 00, 00, 00, 00, 00, 00, 20, 00, 01, FF, 0F, 80, ED, 07, 00, 04, 2A, CC, 03, 30, 01, 00, 0B, 00, 00, 00, 00, 00, 00, 00, 20, 01, 00, FF, 0F, 80, F5, 07, 00, 04, 2A, CC, 03, 30, 01, 00, 0B, 00, 00, 00, 00, 00, 00, 00, 20, 10, 00, FF, 0F, 80, F3, 07, 00, 04, 2A, CC, 03, 30, 01, 00, 07, 00, 00, 00, 00, 00, 00, 00, 16, 80, E9, 07, 00, 04, 2A, CC, 03, 30, 01, 00, 07, 00, 00, 00, 00, 00, 00, 00, 17, 80, F4, 07, 00, 04, 2A, CC, 03, 30, 01, 00, 07, 00, 00...
 
[+]

Code size:
283.5 KB (290,304 bytes)

The file vibropad.exe has been seen being distributed by the following URL.

http://ctosem.ru/FILES/blog/.../VibroPad.exe

Scan vibropad.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.