NPE.exe

Norton Power Eraser

Symantec Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from gslink.us and multiple other hosts.
Publisher:
Symantec Corporation  (signed and verified)

Product:
Norton Power Eraser

Version:
3.2.0.23

MD5:
8477691056cd8607279f21434fa2eea5

SHA-1:
c1ef8e9e42e1fa131723532df51cc6738bf5648b

SHA-256:
81bb086c32dd1b0f48f80d47747bba1a810261fe821f77c160b7efaf7c23b741

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 12:58:11 PM UTC  (today)

File size:
2.8 MB (2,986,440 bytes)

Product version:
3.2

Copyright:
Copyright (c) 1997-2013 Symantec Corporation

Original file name:
NPE.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\npe.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/7/2010 8:00:00 PM

Valid to:
11/23/2013 6:59:59 PM

Subject:
CN=Symantec Corporation, OU=Symantec Research Labs, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Symantec Corporation, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
66660552D465B31F429F7527EA6A93BF

File PE Metadata
Compilation timestamp:
3/19/2013 12:24:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:w9JjjW+1n8u4aU48sQYq6JYd6g3uCpIHCHCvIgLIqaYVcDd26mmE4:0Jj1n81aUDsQHWiJ6CHCvpWYVc8F

Entry address:
0x1000

Entry point:
B8, 98, BE, D5, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, D2, 8E, 02, 4E, 97, B3, 55, 03, 2C, A4, BE, AC, C0, A4, 54, 95, 7E, 5B, B4, CE, 7F, 30, 09, BD, BC, F5, 14, 74, 79, 44, 34, 3B, C1, 80, 33, 2D, 83, 89, D0, 9B, E8, AA, E8, DA, 85, 25, 20, FE, 42, 83, 6E, 1F, 11, B7, 99, C5, 7F, 94, 6A, 14, C0, 4A, 2C, A6, EE, 93, F3, C2, 36, 5B, B6, 19, 28, A1, 31, 6F, 55, 04, 65, 7A, D6, 2C, 22, F7, 05, B8, 44, 34, FE, 84, F1, 1A, 91...
 
[+]

Entropy:
7.9775  (probably packed)

Code size:
5.8 MB (6,073,344 bytes)

The file NPE.exe has been seen being distributed by the following 3 URLs.