home

тема3 инфекция.exe

Adit Testdesk

Adit Software

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-0c-9o-docs.googleusercontent.com.
Publisher:
Adit Software

Product:
Adit Testdesk

Description:
Adit Testdesk Embedded Tester

Version:
2.0.1396

MD5:
83e25ac2c0092647fc48739c2ddbe68c

SHA-1:
6f9a08fe58600cb8d8cbcc50ba3b54313b131343

SHA-256:
978cf526874ef157380212f6f1a7342355c51fcb912e0be3a1b851c572359bd8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/8/2024 11:24:56 AM UTC  (today)

File size:
6.4 MB (6,735,615 bytes)

Product version:
2.0.1396

Copyright:
Copyright ©2005-09 Adit Software

Original file name:
Testviewer.c32

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\computer base surgery\тема3 инфекция.exe

File PE Metadata
Compilation timestamp:
12/23/2009 9:28:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:2gLHGTsRXoUXg7B/jpayG16WZr7cL/V/PkR:TGQRXyB/jpayU5ZvIN/P2

Entry address:
0xCE1D3F

Entry point:
E8, 3B, FF, FF, FF, 05, A3, 25, 00, 00, FF, E0, E8, 2F, FF, FF, FF, 05, BC, 13, 00, 00, FF, E0, E8, 04, 00, 00, 00, FF, FF, FF, FF, 5E, C3, 00, 1F, FE, 0E, 8E, 8C, BD, E9, 98, 97, 60, B0, 3E, 9E, 36, 29, 32, 26, E5, AD, 7E, 64, D8, AC, DB, 3B, E0, C9, 54, 02, A8, 97, C6, 5C, 93, 8A, 0D, 0F, 96, 9B, 37, C0, EF, A4, 72, F7, EA, 01, 62, 8B, 5C, EC, 16, 00, 82, BB, 85, C1, 8C, 55, 74, A2, 68, F4, 17, 56, 7B, 39, A2, A8, B5, 1D, F1, 08, D3, 93, A6, 26, 03, 6C, 18, 93, B1, 0B, 93, 04, 7F, A7, 25, 33, 1B, 56, 96...
 
[+]

Entropy:
7.8385  (probably packed)

Code size:
7 MB (7,303,168 bytes)

The file тема3 инфекция.exe has been seen being distributed by the following URL.

https://doc-0c-9o-docs.googleusercontent.com/docs/securesc/88bj5j8kmtjumjoeo9cbra5t9haqf23c/4lo9nhh9t57vk4hkgl493r3hquuv27m3/1464192000000/.../00553877464102773444/0B2WA4F2ykUZ5MUZXWTNob3lhd2c?e=download

Scan тема3 инфекция.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.