hermes_syncmanager_install(broadmedia)_1.9.13_2012-11-06.exe

The program is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. The file has been observed being downloaded from wiki.cdnetworks.com.
MD5:
9973d24f8c50006bbf90ee8a4ba24659

SHA-1:
fcc7648ce61fff7c6144950bfa0c815d03cd0ac0

SHA-256:
861a8ae520d88624d93d4802748ae17fa6e33be417600aa4dcc85d3dbe5a6ed2

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/20/2025 11:57:44 PM UTC

Scan engine          Detection                               Engine version
AVG                  Trojan horse Agent3.PII                 2014.0.3950
IKARUS anti.virus    Trojan.Win32.Webprefix                  t3scan.1.6.1.0
Vba32 AntiVirus      suspected of Trojan.Downloader.gen.h    3.12.26.0
VIPRE Antivirus      Threat.4150696                          29418

File size:
1.7 MB (1,796,225 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\hermes_syncmanager_install(broadmedia)_1.9.13_2012-11-06.exe

File PE Metadata
Compilation timestamp:
8/26/2007 1:16:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:G0Vao0id3A7trQaClKgNqBvCWriKnvGHPbphkwmIURWlerHc6J6qmIganqHL+01S:Fp00OOaHS4xGHTpWbJ6D1anU1eki3YvQ

Entry address:
0x30FB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, C8, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, D4, EC, 42, 00, E8, D4, 2A, 00, 00, A3, 24, EC, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 48, 90, 42, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, 20, E4, 42, 00, E8, 8B, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 79, 27, 00, 00...
 

Entropy:
7.9906

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file hermes_syncmanager_install(broadmedia)_1.9.13_2012-11-06.exe has been seen being distributed by the following URL.