home

9acn32ww.exe

7-Zip

Igor Pavlov

This is a self-extracting archive and installer. The file has been seen being downloaded from www.notebook-driver.com and multiple other hosts.
Publisher:
Igor Pavlov

Product:
7-Zip

Description:
7z Setup SFX

Version:
4.57

MD5:
50a3eb95ed4bd1055abccdc3261ede2b

SHA-1:
d2bc468ca34abe08054a0887044fadddd527f4b3

SHA-256:
7e24e606ac581c0a280c14005461440f173ecd7d821b3a6ee3da61dc947a7e55

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:33:39 AM UTC  (today)

File size:
4.4 MB (4,610,727 bytes)

Product version:
4.57

Copyright:
Copyright (c) 1999-2007 Igor Pavlov

Original file name:
7zS.sfx.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\programs\1\9acn32ww.exe

File PE Metadata
Compilation timestamp:
8/20/2012 11:00:24 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:cjxIBw50wcIxJ21x4/xss2emtRyOkIjwTFpoQPPHzoHjh/7tsAPhw6:wOki2J21oEtRyOkIkKQPsHFG4w6

Entry address:
0x55EE1

Entry point:
E8, E9, 3A, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 00, 44, 46, 00, E8, D5, F7, FF, FF, 6A, 0E, E8, A9, 1C, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, E0, 7D, 46, 00, BA, DC, 7D, 46, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 50, F3, FF, FF, 59, FF, 76, 04, E8, 47, F3, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, C4, F7, FF, FF, C3, 8B, D0, EB, C5, 6A, 0E, E8, 74, 1B, 00, 00, 59, C3, CC, CC, CC, CC, CC, 8B...
 
[+]

Entropy:
7.9655  (probably packed)

Code size:
101 KB (103,424 bytes)

The file 9acn32ww.exe has been seen being distributed by the following 3 URLs.

http://www.notebook-driver.com/.../afHrRe0echHzMw6Ly9kb3dubG9hZC5sZW5vdm8uY29tL2NvbnN1bWVyL21vYmlsZXMvOWFjbjMyd3cuZXhl

http://www.notebook-driver.com/.../aHR0cHM6Ly9kb3dubG9hZC5sZW5vdm8uY29tL2NvbnN1bWVyL21vYmlsZXMvOWFjbjMyd3cuZXhl

https://download.lenovo.com/consumer/.../9acn32ww.exe

Scan 9acn32ww.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.