home

CaptImag.exe

CaptImag

Claude Dekokère

This is a setup program which is used to install the application. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.
Publisher:
Claude Dekokère

Product:
CaptImag

Description:
Capture écran - Screen capture

Version:
3.7.5.0

MD5:
2042ce590fdd38d412adcf32e6cb5c57

SHA-1:
e9b72d928ad83c9ededcccfab743ae7c4cadf12c

SHA-256:
db2c209e3a32ce6a1d09152467c8e48d8e571ae88c4846ffd501523feda68bda

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 3:29:19 AM UTC  (today)

File size:
695.5 KB (712,192 bytes)

Product version:
3.7.5.0

Copyright:
Claude Dekokère - février 2012

Original file name:
CaptImag.exe

File type:
Executable application (Win32 EXE)

Language:
French (France)

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:VkShufBsRLMnodivRo6E5EBmcS2X7oD0mtrCnLT5Y:xhufCB8vI5EhS2roDZtALT

Entry address:
0x8A610

Entry point:
55, 8B, EC, 83, C4, F4, B8, 88, A4, 48, 00, E8, 6C, BC, F7, FF, 6A, 00, E8, B1, BE, F7, FF, 68, C4, A6, 48, 00, 6A, 00, 6A, 00, E8, FB, BC, F7, FF, E8, 8E, BD, F7, FF, 3D, B7, 00, 00, 00, 74, 66, A1, F8, 01, 49, 00, 8B, 00, C6, 40, 43, 00, A1, F8, 01, 49, 00, 8B, 00, E8, 00, C6, FB, FF, A1, F8, 01, 49, 00, 8B, 00, BA, E0, A6, 48, 00, E8, 13, C2, FB, FF, 8B, 0D, F0, 02, 49, 00, A1, F8, 01, 49, 00, 8B, 00, 8B, 15, 10, 35, 48, 00, E8, EF, C5, FB, FF, 8B, 0D, 1C, 03, 49, 00, A1, F8, 01, 49, 00, 8B, 00, 8B, 15...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
550 KB (563,200 bytes)

The file CaptImag.exe has been seen being distributed by the following 5 URLs.

http://lb.cdn.m6web.fr/d/c/a/fcdc63e5db30bcbb3ad870ae1ee603df/561039eb/soft/.../captimag_3-7-5_fr_124710.exe

http://lb.cdn.m6web.fr/d/c/a/be5929c5a0cd23feef3c719d95170337/56fa2e6f/soft/.../captimag_3-7-5_fr_124710.exe

http://lb.cdn.m6web.fr/d/c/a/e55077680e11c9226ef5f4133bea05c5/56746af7/soft/.../captimag_3-7-5_fr_124710.exe

http://captilude.free.fr/.../captimag.exe

http://ahp.li/a989424d419284a98081.exe

Scan CaptImag.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.