home

download_dev-c-4992.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.clickgratis.com.br.
MD5:
41eb716435d8b1652ef3f94dfb1d557e

SHA-1:
1c489431d039e2daa51ff535da6972823287461d

SHA-256:
091584dfd25782bb9db9492349ec538f6e476cc606246884306af3fc81b89fec

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:50:56 AM UTC  (today)

File size:
1.1 MB (1,147,096 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\download_dev-c-4992.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:WY4ZAxK/EYnWDX4rvtkZpeJ/X1mzZsbp:WcGWDo2Hm

Entry address:
0xCD1B0

Entry point:
55, 8B, EC, 83, C4, F0, B8, F0, 4B, 40, 00, E8, 73, EB, FF, FF, 90, 31, 46, 00, 8B, C0, FF, 25, 8C, 31, 46, 00, 8B, C0, FF, 25, 88, 31, 46, 00, 8B, C0, FF, 25, 84, 31, 46, 00, 8B, C0, FF, 25, 80, 31, 46, 00, 8B, C0, FF, 25, 7C, 31, 46, 00, 8B, C0, FF, 25, 78, 31, 46, 00, 8B, C0, FF, 25, 74, 31, 46, 00, 8B, C0, FF, 25, 70, 31, 46, 00, 8B, C0, FF, 25, 6C, 31, 46, 00, 8B, C0, FF, 25, D8, 31, 46, 00, 8B, C0, FF, 25, 68, 31, 46, 00, 8B, C0, FF, 25, 64, 31, 46, 00, 8B, C0, FF, 25, 60, 31, 46, 00, 8B, C0, FF, 25...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
837.5 KB (857,600 bytes)

The file download_dev-c-4992.exe has been seen being distributed by the following URL.

http://www.clickgratis.com.br/download/redir/.../?installer=1

Scan download_dev-c-4992.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.