» estoque6.exe
Overview
Analysis
File Details
Downloads (1)

estoque6.exe

Estoque Fácil

MTG Softwares Ltda.

This is a setup program which is used to install the application. The file has been seen being downloaded from mtg.com.br.

File name:

estoque6.exe

Publisher:

MTG Softwares Ltda.

Product:

Estoque Fácil

Version:

6.7.5.0

MD5:

447665dfa673df18549fc9cf1f611248

SHA-1:

45c3d96bbb65226087fe738a46457873024a877e

SHA-256:

8a18c76a79b24ce5dd48e393915d3ca82de121acb095871a487b09f333637d17

Scanner detections:

4 / 68

Status:

Clean (4 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

5/19/2024 4:28:39 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/PC-Guard

7.1.1

Bkav FE

HW32.CDB

1.3.0.4959

Comodo Security

Heur.Packed.MultiPacked

18658

McAfee

Artemis!447665DFA673

5600.6997

File size:

3.2 MB (3,365,888 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

Brazilian Portuguese

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\estoque6.exe

File PE Metadata

Compilation timestamp:

1/8/2012 10:08:14 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:lOmL0jZgr2Gn3wf2SpfMp/xqA137wtYzUhB:lXI9gr2G3E2IfMVxx1L6hB

Entry address:

0x843000

Entry point:

FC, 55, 50, E8, 00, 00, 00, 00, 5D, 60, E8, 03, 00, 00, 00, 83, EB, 0E, EB, 01, 0C, 58, EB, 01, 35, 40, EB, 01, 36, FF, E0, 0B, 61, B8, 08, 10, 40, 00, EB, 01, E3, 60, E8, 03, 00, 00, 00, D2, EB, 0B, 58, EB, 01, 48, 40, EB, 01, 35, FF, E0, E7, 61, 2B, E8, 9C, EB, 01, D5, 9D, EB, 01, 0B, 58, 60, E8, 03, 00, 00, 00, 83, EB, 0E, EB, 01, 0C, 58, EB, 01, 35, 40, EB, 01, 36, FF, E0, 0B, 61, 89, 85, 83, D6, 41, 00, 9C, EB, 01, D5, 9D, EB, 01, 0B, 58, EB, 01, E3, 60, E8, 03, 00, 00, 00, D2, EB, 0B, 58, EB, 01, 48... 
[+]

Packer / compiler:

PC Guard for Win32 v5.00

Code size:

5.1 MB (5,379,072 bytes)

The file estoque6.exe has been seen being distributed by the following URL.

http://mtg.com.br/software/.../Estoque6.exe

Scan estoque6.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.