home

video.exe

The executable video.exe has been detected as malware by 5 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from adaa64cec05426b.co.cc.
MD5:
64ee997f29bdfa836b50de39e3ad6c2c

SHA-1:
92fad90f536149698b1e604cc1adda23b7a8b4a5

SHA-256:
9de40d40d6e653d269104816a1916dba84213e1cc04e279a3f43d09bcf07c6a1

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
7/8/2025 7:27:51 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:MalOb-EO [Cryp]
160518-2

ESET NOD32
Win32/Kryptik.MHE trojan
7.0.302.0

F-Prot
W32/SuspPack.DA.gen
4.6.5.141

Microsoft Security Essentials
Threat.Undefined
1.225.2254.0

VIPRE Antivirus
Threat.4736628
51054

File size:
338 KB (346,112 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\video.exe

File PE Metadata
Compilation timestamp:
1/12/2011 5:59:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
6144:Hnc64DCtD752cycYt4Tl9HSw4T2xmEKhDYfJE9kfIy4jNYoZooqwNgk:HcdK75tHYt4rj4TCxDfIyUjodk

Entry address:
0x103C

Entry point:
60, 33, C0, 50, 2D, D2, 9B, 93, 93, 50, 2D, C0, EE, 02, 3A, 50, 2D, 00, 01, FD, D0, 50, 8B, C4, 6A, 00, 6A, 00, 50, E8, A2, FF, FF, FF, 83, C4, 10, 83, F8, 01, 7C, 10, 66, B9, 50, 45, 03, 40, 3C, 66, 33, 08, 0F, 84, 3A, 03, 00, 00, C3, 1E, 00, 00, 00, 36, FF, 25, 18, 20, 40, 00, 00, 00, C8, 20, 00, 00, BB, 94, 31, 40, 00, 89, 9B, 74, FF, FF, FF, BF, 00, 00, 00, 00, 57, E8, F2, 01, 00, 00, 53, FF, B3, D4, 01, 00, 00, FF, 73, 64, 51, 57, E8, 99, 02, 00, 00, 5B, E8, FF, 05, 00, 00, 83, C4, 20, 5D, C2, 10, 00...
 
[+]

Entropy:
7.9760  (probably packed)

Code size:
3 KB (3,072 bytes)

The file video.exe has been seen being distributed by the following URL.

http://adaa64cec05426b.co.cc/

Remove video.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.