» office_professional_2003.exe
Overview
Analysis
File Details
Downloads (10)

office_professional_2003.exe

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from s7669.chomikuj.pl and multiple other hosts.

File name:

Publisher:

Microsoft Corporation

Version:

11,0,5510

MD5:

d80ff17606dea85b25f93ae622c03dad

SHA-1:

c07022fbe3fdf34a15bcb84c54bea111ca1bf73e

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 6:28:34 AM UTC (today)

File size:

321.9 MB (337,516,036 bytes)

Product version:

11,0,5510

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

8/3/2005 7:31:58 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

6291456:5wCX4k/e7iljPI45cI9lXYdfULjkC1OVKvfALBfY6qZSV7ObozADLRG1:2sb/g6fljz14rqZ/czApG1

Entry address:

0x1000

Entry point:

E8, 9B, 27, 00, 00, 50, E8, A7, 22, 01, 00, 00, 00, 00, 00, 90, 55, 8B, EC, 53, 56, 57, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, D3, FF, 75, 14, 68, E5, 40, 41, 00, 6A, 00, 6A, 00, 8B, C6, 8B, CF, E8, 26, 43, 00, 00, 81, EB, 10, 01, 00, 00, 74, 05, 4B, 74, 14, EB, 57, FF, 75, 14, 6A, 66, 56, E8, F8, 24, 01, 00, B8, 01, 00, 00, 00, EB, 47, 66, 81, E7, FF, FF, 66, FF, CF, 74, 07, 66, FF, CF, 74, 23, EB, 30, 68, 80, 00, 00, 00, 68, D4, 50, 41, 00, 6A, 65, 56, E8, 3E, 24, 01, 00, 6A, 01, 56, E8, 18, 24, 01, 00... 
[+]

Entropy:

7.9999 (probably packed)

Code size:

76 KB (77,824 bytes)

The file office_professional_2003.exe has been seen being distributed by the following 10 URLs.

http://s7669.chomikuj.pl/File.aspx?e=dEOA5bRvOlKARl9bZAbnQvVsjlkbbqLixDz9r57Avxbh2iVyQEu0Y7OR3p6zb-lpIBOqtbbu3Bv4jNYOgJWvPzV_kK6rVdNQtbyBm9F4dqfrs0r6-ZD-FJSVAXCYlmhQpUa4XYLl-DgeZlpJv61iB2FLcfEsy4Qipri7YCcB1tQ&pv=2

http://s5018.chomikuj.pl/File.aspx?e=dEOA5bRvOlKARl9bZAbnQmPvoYglahlgDzSQaCRUnRpXMUmgLzbISskXqtml_2wzvdXSfBpYL2QaQXN7I90nKJWEhPiclmNXyWcuoNtBbhXPozFwzKZNO8I3s1u0AV-1iMX9vMt_wvW1n3x_LYp5t4hxI7wJfpvNT2FiUb_zeOpTL7lVt1ZAe8863yH5HLXL&pv=2

http://s7669.chomikuj.pl/File.aspx?e=dEOA5bRvOlKARl9bZAbnQmPvoYglahlgDzSQaCRUnRqBi5rP6xJ8K-1udq_CxHPZZ313GhQprD5wYG23PYwucyj_heeK5Ny6N3PCsLoU9jcdWr5xX2zufGJ1tGwBBRKEc5nnSH0-xr1dn57YL4668BMB7CF1DQVN1pUCDateH-g&pv=2

https://doc-00-c8-docs.googleusercontent.com/docs/securesc/cu8hs7aaalfl6kdopl52o54q8vud3ht1/75r4shpgm2co1ncaic1ljde0kcojgbv6/1476280800000/.../08406714810118353681/0B6_IzLXmdeKMVmlSOE9RSTNmWWc?e=download

http://s7669.chomikuj.pl/File.aspx?e=dEOA5bRvOlKARl9bZAbnQmPvoYglahlgDzSQaCRUnRqPlmhib20HBshsd63zmbtVcp9PRor7Mq4eSxv85EWngFTGhKmAiaeyHPDsGLleFKUDtYxiPls5pua1xuNLfHJOcl6SWvin9NioI8AmO2t5GXSFG8mpxsgCXO3K05PzoZo&pv=2

http://s7669.chomikuj.pl/File.aspx?e=dEOA5bRvOlKARl9bZAbnQmPvoYglahlgDzSQaCRUnRq__5o9Dy9ZQrc8Jiq9Md--SbXgK2EQ3m4A0lMF50AjoxvQjGHE9i68mcJBmNhkb1a0Scatb08SE7HHXEQ7GdrUsVfAW2tjS7NCpqwg92Dz-9-vk4LI2XQgrk0F1Fb2Ot4&pv=2

http://s7669.chomikuj.pl/File.aspx?e=dEOA5bRvOlKARl9bZAbnQmPvoYglahlgDzSQaCRUnRocIs_TnbKfDNbZlA6h7o0dAeyXzoBu67NteQ5kN-ZUzBbKEGQ2r8v0QKPYYrDk6KTYOi7GTVVcmoFNM9ZGvyX1lNGLvtrsZd_B4fyg_qGbZzDwQWMdltgFjXK3d2ADTNs&pv=2

http://s7029.chomikuj.pl/File.aspx?e=dEOA5bRvOlKARl9bZAbnQmPvoYglahlgDzSQaCRUnRpaR6BUN0HjsdgeS8XA7mZeQS2u2KuIHkIQD9_hyGw1EE2-2urMsMSAKI1d8iWujiITSgKFRHtsi71teRnpNJ3-LLb8AYM5yIajmFth7SbaK_ya1lnUaeoK_pO9f8wy8Ir8HvsxZrw6NYbr9yXis3aO&pv=2

http://statik.kappa.ro/download/padsource/.../Office_Professional_2003.exe

http://filez.kappa.ro/download/padsource/.../Office_Professional_2003.exe

Scan office_professional_2003.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.