home

main assembly_32.exe

eDrawings 2009

Dassault Systèmes SolidWorks Corp.

This is a setup program which is used to install the application. The file has been seen being downloaded from asema.egnyte.com.
Publisher:
Dassault Systèmes SolidWorks Corp.

Product:
eDrawings 2009

Description:
EModelSelfExtracter Module

Version:
14.3.0.107

MD5:
2b6bc78f0ab0af07b56929172bf9ba5c

SHA-1:
693abb18dca9fe7512cc6bbcdb44f7bd7b07e200

SHA-256:
5fd058923348e24c0392ba12ac991695b77f7a64f29b2df860a6b98af0085cab

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 7:16:27 PM UTC  (today)

File size:
6.4 MB (6,740,790 bytes)

Product version:
14.3.0.107

Copyright:
Copyright © 2008 Dassault Systèmes SolidWorks Corp.

Original file name:
EModelSelfExtracter.DLL

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\main assembly_32.exe

File PE Metadata
Compilation timestamp:
3/14/2014 4:01:52 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:DeHlrsjvJ53rq4G+Ijz3BW7Fwkw+LKvE+sjEVgvDLUNn:gxuhvGdfQyk39vqgbYn

Entry address:
0x6771

Entry point:
E8, EF, 1E, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 6B, 1F, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, F5, 02, 00, 00, 85, C0, 74, 0A, E8, EC, 02, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, B8, 2E, 41, 00, 89, 0D, B4, 2E, 41, 00, 89, 15, B0, 2E, 41, 00, 89, 1D, AC, 2E, 41, 00, 89, 35, A8, 2E, 41, 00, 89, 3D, A4, 2E, 41, 00, 66, 8C, 15, D0, 2E, 41, 00, 66...
 
[+]

Entropy:
7.9943  (probably packed)

Code size:
45.5 KB (46,592 bytes)

The file main assembly_32.exe has been seen being distributed by the following URL.

https://asema.egnyte.com/.../2EljFJJFsb?token=4d055131-a441-4ee1-ab4c-631014e9d3a7

Scan main assembly_32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.