home

181850_bacon_23639.exe

The Sheridan Press

Publisher:
The Sheridan Press  (signed and verified)

Description:
iWrapper (NEJM_181850_Bacon_23639)

Version:
0, 0, 0, 0

MD5:
c9e80b9cad38bbd6a83c0d35ab998818

SHA-1:
b9d9c2813e0e88f899e292a400730d62e1c5faf0

SHA-256:
08c37109e96cf6bbf65694326cc11c52e7ac533a8cff924bd3b883c5c6af6851

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
7/16/2025 3:01:54 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
2014.9-150221

File size:
4.3 MB (4,539,464 bytes)

Product version:
0, 0, 0, 0

Copyright:
Copyright © 2011 iWrapper, LLC

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\181850_bacon_23639.exe

Digital Signature
Signed by:
The Sheridan Press

Authority:
Thawte, Inc.

Valid from:
4/4/2011 8:00:00 PM

Valid to:
4/11/2012 7:59:59 PM

Subject:
CN=The Sheridan Press, OU=IT, O=The Sheridan Press, L=Hanover, S=Pennsylvania, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
06AE0B7EC76B4809518FF8FA751C505A

File PE Metadata
Compilation timestamp:
10/2/2007 6:49:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:egd6hN8h0JUnSuwSs9NoGONywKublPOHf1Bgbqfz09Mz:egu8hGmSD9DYFM/fAqfzAA

Entry address:
0x1000

Entry point:
68, 01, 60, A0, 00, E8, 01, 00, 00, 00, C3, C3, EE, 79, 4F, DB, 8C, BB, 3D, 86, C3, 74, D1, E9, 8F, EC, 9A, 7D, EF, 65, 55, D7, E7, 8E, F0, D5, 8B, 1D, F4, 2E, 49, 22, 83, AF, 13, D4, AC, 7D, CE, A3, 47, 5A, 70, F7, 01, FC, 52, CE, 46, 06, 19, 76, 28, A9, 8A, 69, B8, 29, CB, 9C, 1C, 64, 5F, 42, BA, 86, 10, 00, C1, EE, 37, 7A, 14, C8, 83, C1, 13, D8, BB, 6C, 45, CF, 0C, 30, 8D, 54, FB, 76, 3A, E8, 87, C2, 03, 81, D8, A3, 47, 8C, A1, 40, 81, 48, EB, E2, F2, CE, A9, 11, ED, 27, D8, A1, D3, 63, A4, B7, 09, 7B...
 
[+]

Entropy:
7.9977

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
184 KB (188,416 bytes)

Scan 181850_bacon_23639.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.