» 21.11.683.@!1436472627_c9g8mbdqgajw@!bancodados.exe
Overview
Analysis
File Details
Downloads (1)

21.11.683.@!1436472627_c9g8mbdqgajw@!bancodados.exe

DB Ghost Package

Innovartis

This is a setup program which is used to install the application. The file has been seen being downloaded from arquivos.mysuite.com.br.

File name:

Publisher:

Innovartis

Product:

DB Ghost Package

Description:

BancoDados

Version:

3.0.0.0

MD5:

72752a9f15a136d5004396a28a4d1622

SHA-1:

d48804018104b088738bbbdcd0bca6442273a403

SHA-256:

6f9d8f8598fedcaf506ae25164cb2df34ff5c73f1f934c31b01478eec0826066

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/2/2024 9:05:18 PM UTC (today)

File size:

4 MB (4,239,360 bytes)

Product version:

3.0.0.0

Trademarks:

DB Ghost

Original file name:

BancoDados.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\21.11.683.@!1436472627_c9g8mbdqgajw@!bancodados.exe

File PE Metadata

Compilation timestamp:

7/9/2015 5:09:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

49152:RGikkRqlO1d1Tzrer3sI6t4GDwMVuUf1itW0X:RG3EzrerY4GDfj1itW0X

Entry address:

0x409A0E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

4 MB (4,227,072 bytes)

The file 21.11.683.@!1436472627_c9g8mbdqgajw@!bancodados.exe has been seen being distributed by the following URL.

http://arquivos.mysuite.com.br/.../21.11.683.@!1436472627_c9g8mbdqgajw@!BancoDados.exe

Scan 21.11.683.@!1436472627_c9g8mbdqgajw@!bancodados.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.