home

joeffice.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.joeffice.com.
MD5:
5af52d4014d4f17c5b2a3baddde069d7

SHA-1:
d6516db66a70c6daeeab9b9f4a9140be9bef9c32

SHA-256:
3d6e89aa15954042f6cc28ff06760ecf4ba96aa64ff33dd360fcca4d77d4955d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 10:12:41 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Trojan.GenericKD.1477867
8.14.03.21.05

File size:
13.5 MB (14,166,394 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\joeffice.exe

File PE Metadata
Compilation timestamp:
10/29/2012 12:23:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
393216:ZHfbmWcmmi8MBz3Nl0EUuKCy9uU4U3QYjR:BbmWcFpMpdl0rKyAU4sJR

Entry address:
0x12B0

Entry point:
55, 89, E5, 83, EC, 18, C7, 04, 24, 02, 00, 00, 00, FF, 15, 1C, 64, 41, 00, E8, 38, FD, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 08, A1, 34, 64, 41, 00, C9, FF, E0, 66, 90, 55, 89, E5, 83, EC, 08, A1, 28, 64, 41, 00, C9, FF, E0, 90, 90, 55, 89, E5, 83, EC, 18, 8B, 45, 0C, 89, 45, F8, 83, 7D, F8, 10, 74, 27, 83, 7D, F8, 10, 77, 0F, 83, 7D, F8, 02, 0F, 84, 8E, 00, 00, 00, E9, DB, 00, 00, 00, 81, 7D, F8, 11, 01, 00, 00, 0F, 84, AC, 00, 00, 00, E9, C9, 00, 00, 00, A1, 3C, 50, 41, 00, 89, 04...
 
[+]

Entropy:
7.9813  (probably packed)

Code size:
66 KB (67,584 bytes)

The file joeffice.exe has been seen being distributed by the following URL.

http://www.joeffice.com/joeffice.exe

Scan joeffice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.