home

CNCSimProSetup.exe

CNCSimulator Pro

CNCSimulator.com

This is a setup and installation application. The file has been seen being downloaded from xx1dbw.bl3301.livefilestore.com and multiple other hosts.
Publisher:
CNCSimulator.com

Product:
CNCSimulator Pro

Description:
This installer database contains the logic and data required to install CNCSimulator Pro.

Version:
1.2.1.6

MD5:
4366f7cdac8baed76af9f0759fc3e147

SHA-1:
cab02bbc153a0f12b0ddbdd62356a674518e4220

SHA-256:
561fd73e30c6374501cd0f2bf8d10bfe9fd0d4ae0983aef1d02a5a60c7edccb1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 5:38:35 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Packed.Themida (variant)
8.10603

File size:
68.6 MB (71,953,683 bytes)

Product version:
1.2.1.6

Copyright:
Copyright (C) CNCSimulator.com

Original file name:
CNCSimProSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\cncsimprosetup.exe

File PE Metadata
Compilation timestamp:
7/26/2012 6:52:33 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1572864:jkl3B9Bn8LeSz3c2xYaLX6jK5RFKCEq/6QL2m4EdcLYOHoYNh:Y3vBn8LRz3c2RD6upKCEE6QyouLh

Entry address:
0x2E32E

Entry point:
E8, 90, 91, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, FF, 75, 10, 8D, 4D, F0, E8, 8A, FA, FF, FF, 33, DB, 39, 5D, 08, 75, 2E, E8, 3E, 2B, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, C6, 2A, 00, 00, 83, C4, 14, 38, 5D, FC, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, E9, C7, 00, 00, 00, 56, 8B, 75, 0C, 3B, F3, 75, 2E, E8, 08, 2B, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 90, 2A, 00, 00, 83, C4, 14, 38, 5D, FC, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8...
 
[+]

Entropy:
7.9971  (probably packed)

Code size:
254 KB (260,096 bytes)

The file CNCSimProSetup.exe has been seen being distributed by the following 9 URLs.

https://xx1dbw.bl3301.livefilestore.com/.../CNCSimProSetup.exe

http://cncsimulator.com/Download/.../CNCSim_ProSetup.exe

https://onedrive.live.com/download.aspx?cid=A8F9499475CFE3D7&resid=A8F9499475CFE3D7!141&authkey=!ABwey-_JymGAZRs&canary=

http://cncsimulator.info/downloads/.../CNCSim_ProSetup.exe

https://xx1dbw.bl3301.livefilestore.com/.../CNCSimProSetup.exe

http://techromic.com/.../CNCSim_ProSetup.exe

https://xx1dbw.bl3301.livefilestore.com/.../CNCSimProSetup.exe

https://192.168.100.110:5001/.../CNCSimProSetup.exe

http://cncsimulator.info/downloads/.../CNCSimProSetup.exe

Scan CNCSimProSetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.