» ebpol_2016_classic_devisfacturation_8_0_1_2610.exe
Overview
Analysis
File Details
Downloads (4)

ebpol_2016_classic_devisfacturation_8_0_1_2610.exe

EBP Devis & Facturation Classic 2016 8.0 (OL Technology)

EBP INFORMATIQUE

This is a setup program which is used to install the application. The file has been seen being downloaded from go.ebp.com and multiple other hosts.

File name:

Publisher:

EBP (signed by EBP INFORMATIQUE)

Product:

EBP Devis & Facturation Classic 2016 8.0 (OL Technology)

Description:

EBP Devis & Facturation Classic 2016 (OL Technology) version 8.0.1.2610

Version:

8.0.0

MD5:

32e5ce1368be44a3ceb498858e2aecd4

SHA-1:

117ac9077aec96493a41336aa5460987231a26b1

SHA-256:

92bd4b9f73bacf5055b9f895e88106b9b671c662a11fb01a20ea740b2148f9a5

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/15/2024 12:27:01 AM UTC (today)

File size:

74.8 MB (78,479,504 bytes)

Product version:

8.0.0 0, 0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\ebpol_2016_classic_devisfacturation_8_0_1_2610.exe

Digital Signature

Signed by:

EBP INFORMATIQUE

Authority:

COMODO CA Limited

Valid from:

5/13/2015 2:00:00 AM

Valid to:

5/13/2017 1:59:59 AM

Subject:

CN=EBP INFORMATIQUE, O=EBP INFORMATIQUE, STREET=Rue CUTESSON, L=GAZERAN, S=FRANCE, PostalCode=78125, C=FR

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00BD1D0705A57749B45EFE4F3B4887831F

File PE Metadata

Compilation timestamp:

11/4/2013 4:38:59 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1572864:ktVwQ2tNe1Ix96MCUX5DNqeiGX4jzHvR2zLPo:LjYIr9cxPvRiTo

Entry address:

0x181DD

Entry point:

E8, DA, 3E, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, F8, A4, 42, 00, E8, 79, F9, FF, FF, 6A, 0E, E8, AD, 1C, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, C4, 06, 43, 00, BA, C0, 06, 43, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, B4, F2, FF, FF, 59, FF, 76, 04, E8, AB, F2, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 68, F9, FF, FF, C3, 8B, D0, EB, C5, 6A, 0E, E8, 78, 1B, 00, 00, 59, C3, CC, CC, CC, CC, CC, CC... 
[+]

Code size:

134 KB (137,216 bytes)

The file ebpol_2016_classic_devisfacturation_8_0_1_2610.exe has been seen being distributed by the following 4 URLs.

http://go.ebp.com/?Type=120004&Country=FR&LangueID=fr&Tid=0001308428&Cnum=3700882&Param=/priv/fr/fr/OL_INV10/.../EBPOL_2016_Classic_DevisFacturation_8_0_1_2610.exe|1711|2714&URLDest=http://dwl-6.ebp.com/?a=b7b423508768d21f17fe6dea8029ecdf3967248015195483726050319468273b39fb1e59c2ee665e66dc4fb2fe8ecbZVmhaZGxwdVNYWmFia2wyVkRCNGVrRjNWMxNzkzYzJiODMyZTNlOGUzZTI2OGEWxYVGpBPWVVNXFSWGROVkVGMlRXcEJl3MWJlNjIyNDdOVEU0TW1GaVlXWTJaaltRlhUbVpNTWpRMFpUZGpNVFkyWXpobU4yUmo=RTVwWkVkc2RtSnNPRFJZZWtKbVRWWTRZUWHBuZUdaRVFUMWtXRXBvYlZZMFdsaWTRlVTFFUlRKT09VWllNRTV6V1ZoT2VkwTTJFMFpsTlZOVmRTUjFZeVlWaE9SMDNlRTVFVlhkTU0wSjVNbUZSYkVKUVZF

http://dwl-7.ebp.com/?a=727d45d4c3c2e9efbcc46c05b5a2528a60978125346493285170182796405381e134a4d381c9c8dcca7cd4683903573MWJlNjIyNDdZekphYmtsMlZEQjRabEWTJaalkwTTJFMFZFRjJUV3BCZUU1cE95WTlZkTlRXcEpOV1pFUVQxWWVrSm1UVE1iVlkwV2xoM2VFNUVOVEU0TW1GaVlXVWlNSMVl5TWpRMFpUZGpNVFkyWXpobU4yUmo=9SMWxYVGpCUmJFSlFWRVk0ZVU1cVJYZbVk9TTBKNVlWaFpkbHB1U1haTmFsa3pNWMxNzkzYzJiODMyZTNlOGUzZTI2OGENbUZrV0Vwb1pFZHNkbUpzT0RSTVlWaElk0ZVUxRVJUSllNRTV6V1ZoT2VtRlhU

http://go.ebp.com/?Type=120004&Country=FR&LangueID=fr&Tid=0001274055&Cnum=3603902&Param=/priv/fr/fr/OL_INV10/2016/EBPOL_2016_Classic_DevisFacturation_8_0_1_2610.exe|1711|2714&URLDest=http://.../?a=69f6c505f534d62e4dbbe8bebff9203c7406859321297380651410642378955dd28d74582c9388f5b67a790556006f3MWJlNjIyNDdNbUZZZWtKbVRWWTRlVTNWMxNzkzYzJiODMyZTNlOGUzZTI2OGEBaVGRqTVRZMll6aG1OMlJqVlhsU1IxWRUpRTUU1eldWaE9lbUZYVG1aTU0wSjVVxUlhkWWVFNXBPVVphYmtsMlZEQjRabE5WTlZjPWFrVXlUMFJOZW1aRVFUMVJiXlZVmhPUjFsWFRqQk9kbUpzT0RSTWJWWTBXbGgzZUU1RU5URTRNbUZpWVdZMlpqWTBNMkUwWVZoWmRscHVTWFprV0Vwb1pFZHM=WRVk0ZVUxRVJUSk5WRUYyVFdwQk1qUT

http://go.ebp.com/?Type=120004&Country=FR&LangueID=fr&Filiale=FR&Tid=0001332891&Cnum=3769580&Param=/priv/fr/fr/OL_INV10/2016/EBPOL_2016_Classic_DevisFacturation_8_0_1_2610.exe|1711|2714&URLDest=http://.../?a=b77c57df0963cb8ef9ff84b21ab627620597643128368541092745083296171ee4e6497d21d1c184891194bd5d8690VTVxUlhka1dFcG9aRWRzZG1Kc1QxUlpNbVpFUVQxWWVrSm1UVlk0TlRFNE1tRmNWMxNzkzYzJiODMyZTNlOGUzZTI2OGEaDNlRTVFVlRBPU1tRk1NMEo1WVZoWmRVpSVkRCNFpsTlZOVmROVkVGMlRXcEJlJPVkVFeU9EUllNRTV6V1ZoT2VtRlhUbscHVTWFpTYkVKUVZFWTRlVTFFUlRKYWJrbDI=lZV1kyWmpZME0yRTBNalEwWlRkak1UW3MWJlNjIyNDdSMVl5WVZoT1IxbFhUakTJZemhtTjJSamVFNXBPVVpNYlZZMFds

Scan ebpol_2016_classic_devisfacturation_8_0_1_2610.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.