home

getpassword.exe

Lespeed Technology Ltd.

Publisher:
Lespeed Technology Ltd.  (signed and verified)

MD5:
fc901885387e4ed7f2d9908f58e3992e

SHA-1:
2a554eca58ff874e271e0f8e7595e07d6da3b6af

SHA-256:
270240d8e3036a40b94de23cd7401aa99bac5096f0b5d7153efba9a06756ff6d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:48:57 AM UTC  (today)

File size:
696.7 KB (713,464 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\getpassword.exe

Digital Signature
Signed by:
Lespeed Technology Ltd.

Authority:
Symantec Corporation

Valid from:
1/6/2016 7:00:00 AM

Valid to:
5/17/2017 6:59:59 AM

Subject:
CN=Lespeed Technology Ltd., O=Lespeed Technology Ltd., L=BeiJing, S=BeiJing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
52CCA8A5127FC14C6BE7074964FC480E

File PE Metadata
Compilation timestamp:
2/25/2016 6:12:30 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:pzxleygfcdLRNfBzN5CVPbqGjrpaleNJyEiuJBc888888888888W88888888888o:tLeygkdLRNfBp5C5N88Z9d

Entry address:
0x6E798

Entry point:
55, 8B, EC, 83, C4, F0, B8, A8, DD, 46, 00, E8, E8, 8F, F9, FF, A1, A4, 0D, 47, 00, 8B, 00, E8, 74, B2, FF, FF, A1, A4, 0D, 47, 00, 8B, 00, B2, 01, E8, CA, CD, FF, FF, 8B, 0D, 30, 0C, 47, 00, A1, A4, 0D, 47, 00, 8B, 00, 8B, 15, 80, B9, 46, 00, E8, 66, B2, FF, FF, A1, A4, 0D, 47, 00, 8B, 00, E8, AA, B3, FF, FF, E8, F5, 62, F9, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.7201

Developed / compiled with:
Microsoft Visual C++

Code size:
438 KB (448,512 bytes)

The file getpassword.exe has been seen being distributed by the following URL.

http://www.wisecleaner.com/.../GetPassword.exe

Scan getpassword.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.