home

AddmePoint.exe

WindowsApplication1

This is a setup program which is used to install the application. The file has been seen being downloaded from docviewer.yandex.ru and multiple other hosts.
Product:
WindowsApplication1

Version:
1.0.0.0

MD5:
2447f303efecc2861e02016e6e23b6e3

SHA-1:
6802d9c43e64a093b9b18c6147862904b6d9fa67

SHA-256:
403c19a940be6ccfc374d230ca8963e4332ea92978858549dd5ed475e7120de1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 2:32:22 PM UTC  (today)

File size:
274.5 KB (281,088 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
AddmePoint.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
6/12/2014 5:22:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:9VdRQ/vqkg1gEagdQHbUVdRQ/vqkg1gEagdQHhU:9V7uikFgrV7uikFgR

Entry address:
0x2880E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
154.5 KB (158,208 bytes)

The file AddmePoint.exe has been seen being distributed by the following 7 URLs.

https://docviewer.yandex.ru/source?id=2m0h-e9rj6c75ek44qacqy5ihodtpz34xne473d8wns1q2l6g8cxe9h3kn9nnyiot4jjpawcgdiqat8m52rqm5qylv6e3pdahhw4s8ip&archive-path=//AddmePoint.exe&ts=15805658c42&token=u0f4wc2tijjwkfWIfkYI5g==&name=AddmePoint(BOT).rar

https://mega.nz/temporary/.../VgIjnJ7Z

https://mega.nz/persistent/.../gQgQHAhL

https://docviewer.yandex.com.tr/source?id=2m2t-jwoziucqvwm1w3bo4q7o6q2e7mhorc8brfbql8qwu3lxxl47uup0e7cf0zs75y9ebsk8vpcqcdh48cydz2lf0mmcvpujlf1bw23&archive-path=//AddmePoint.exe&ts=1558f951528&token=8MP0FCX45F1qYx8X2mjKzg==&name=AddmePoint.rar&uid=396547699

https://mega.nz/temporary/.../OAgVSJbI

https://mega.nz/temporary/.../bsQh3aYS

https://mega.co.nz/temporary/.../SE9CHSJa

Scan AddmePoint.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.