home

lupo_nrw_sv.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.asg.rinet.de and multiple other hosts.
Version:
2.0.1.45

MD5:
c2091569b09edd59d6377b87374ce76a

SHA-1:
d939579140bd928250aea0679e276fcf8c68fb6e

SHA-256:
d974041d1b5c3cfae1feb9d8a31fbdbf7f88ebb37229f35e9b4195f0beed30aa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:11:57 AM UTC  (today)

File size:
7 MB (7,306,752 bytes)

Product version:
2.0.1

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\downloads\lupo_nrw_sv.exe

File PE Metadata
Compilation timestamp:
3/19/2013 3:23:46 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:bdL5o9Ch9MlAaXA2NbvuBV4EeCRWLjadpiNEZQjHbVyqkK1B2ttF7B5wgApG:I9C4lzFv4RWfadpiNISvAtbd5wgG

Entry address:
0x5D2EF8

Entry point:
55, 8B, EC, 83, C4, F0, B8, 40, D7, 9C, 00, E8, FC, 6C, A3, FF, 33, C9, B2, 01, A1, DC, A6, 9B, 00, E8, DA, 99, B5, FF, 8B, 15, 64, 75, 9F, 00, 89, 02, A1, 64, 75, 9F, 00, 8B, 00, E8, AA, F7, B5, FF, A1, 64, 75, 9F, 00, 8B, 00, 8B, 10, FF, 92, 8C, 00, 00, 00, E8, E2, 16, A4, FF, DB, 2D, F4, 2F, 9D, 00, DE, C1, DD, 1D, C0, 70, A8, 00, 9B, E8, CE, 16, A4, FF, DC, 1D, C0, 70, A8, 00, 9B, DF, E0, 9E, 72, EF, 33, C0, 55, 68, DC, 2F, 9D, 00, 64, FF, 30, 64, 89, 20, A1, 98, 7D, 9F, 00, 8B, 00, E8, 88, 3E, B6, FF...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
5.8 MB (6,102,528 bytes)

The file lupo_nrw_sv.exe has been seen being distributed by the following 2 URLs.

http://www.asg.rinet.de/aktuell/.../LuPO_NRW_SV.exe

http://www.schaurte-koeln.de/pdf/.../LuPO_NRW_SV.exe

Scan lupo_nrw_sv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.