» cpu_id.exe
Overview
Analysis
File Details
Programs (1)
Downloads (2)

cpu_id.exe

Pro/ENGINEER

PTC

File name:

cpu_id.exe

Publisher:

PTC

Product:

Pro/ENGINEER

Description:

Pro/ENGINEER Wildfire from PTC

Version:

28, 0, 2007, 220

MD5:

55339b71f4de550617ba43cadc719d1e

SHA-1:

fef31e174a78e44d22347213825884711caad132

SHA-256:

074f6893bfb2e9872d58793dbc1fd1a6d523716dc51bf0004224355518c62e42

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/28/2024 5:02:04 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Malware-gen

150602-1

File size:

2.5 MB (2,631,168 bytes)

Product version:

Wildfire 5.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\cpu_id.exe

File PE Metadata

Compilation timestamp:

12/17/2009 9:24:17 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

9.0

CTPH (ssdeep):

49152:4gUmSm8MXIJdhMVOZffQ5ZHWcFO5dho0Q4zJMzdU01gch28FkPJvE:4Fh1wMJ

Entry address:

0x108527

Entry point:

E8, 1C, 99, 01, 00, E9, A4, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, E3, 7E, 01, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 80, 20, 68, 00, 74, 12, 8B, 0D, 98, 1F, 68, 00, 85, 48, 70, 75, 07, E8, 94, 2A, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, A0, 1E, 68, 00, 74, 16, 8B, 46, 08, 8B, 0D, 98, 1F, 68, 00, 85, 48, 70, 75, 08, E8, 73, 9B, 01, 00, 89, 46, 04, 8B, 46, 08, F6, 40, 70, 02, 75, 14, 83, 48, 70, 02, C6, 46, 0C, 01, EB, 0A... 
[+]

Entropy:

6.4944

Code size:

1.9 MB (1,990,144 bytes)

The file cpu_id.exe has been discovered within the following program.

WinDirStat 1.1.2 by Bernhard

WinDirStat is a graphical disk usage analyzer for Microsoft Windows, notable for presenting a sub-tree view with disk use percentage alongside a usage-sorted list of file extensions that is interactively integrated with a colorful graphical display (a treemap).

windirstat.info

5% remove it

The file cpu_id.exe has been seen being distributed by the following 2 URLs.

https://duke.htl-leonding.ac.at/ftp_dl.php?file=VTI5bWRIZGhjbVV2VFdGMGFHTmhaRjlEVUZWSlJDOWpjSFZmYVdRdVpYaGw=

http://support.ptc.com/WCMS/files/90575/.../cpu_id.exe

Scan cpu_id.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.