» passware-password-recovery-kit-professional-11.7.exe
Overview
Analysis
File Details
Downloads (5)

passware-password-recovery-kit-professional-11.7.exe

Passware, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.downloadpresentcity.com and multiple other hosts.

File name:

Publisher:

Passware, Inc. (signed and verified)

MD5:

06368f1ef6c51942df1ddb963fda3bea

SHA-1:

d00858dee6e421369df1d1006e4cb4d884948b03

SHA-256:

e39938a86eb6404419570acd30c4eac6a6ead9704bfe4796505ca2dc69189688

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 1:23:16 AM UTC (today)

File size:

28.9 MB (30,261,248 bytes)

File type:

Executable application (Win16 EXE)

Common path:

C:\users\{user}\downloads\passware-password-recovery-kit-professional-11.7.exe

Digital Signature

Signed by:

Passware, Inc.

Authority:

GoDaddy.com, Inc.

Valid from:

7/30/2012 11:17:19 AM

Valid to:

7/30/2014 11:17:19 AM

Subject:

CN="Passware, Inc.", O="Passware, Inc.", L=Mountain View, S=CA, C=US

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

4EC2A5262D5AFF

File PE Metadata

OS version:

0.65534

OS bitness:

Win16

Linker version:

254.255

CTPH (ssdeep):

393216:IhfLyYe0UarXfTv7qh0yKxSyV3ba1Cmkf35iTAxDRj7FISpt/E3+ArgybE73ta/H:kf3XD773GCBicjhptc3nrRKQQ+

Entry address:

0x80000

Entry point:

D0, CF, 11, E0, A1, B1, 1A, E1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3E, 00, 04, 00, FE, FF, 0C, 00, 06, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 08, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 10, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, FE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 08, 00, 00, 00, 0C, 00, 00, 00, 10, 00, 00, 00, 14, 00, 00, 00, 18, 00, 00, 00, 1C, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF... 
[+]

Entropy:

7.9554 (probably packed)

Code size:

384 KB (393,228 bytes)

The file passware-password-recovery-kit-professional-11.7.exe has been seen being distributed by the following 5 URLs.

http://www.downloadpresentcity.com/SpRTSbGhl1ciUvv5_c07RCOacB hU4JAWYp6ZOc_fvErHNLnwoI31VIR6IUee3tzkhybb yaa4GsxO4sApT3yZXPy_F_15fv3MZINLoPWQiiyQ6B_00Tf0mbIue4QhtrYYACL8JeiUmgwSpgdimlS4vZCpnR t7Do5_m8PJ W7I0IqIUuEU6D254Ehng 0MQhWpK602H-GzUDAGTKTaosOEH0XnEJ1jAsZknAYSIH7G0xxHwSe28ceLLGyM8iMFewz VYHfk bnhvlrvEl4sknjX5JoEp7jMMEaZ_tCIluzV_VQ9dXu_ka6moUoHrRpgT3qLVCVz6w9Dfb5JrYfbebwwIVIynhs6Mi2vokgsXnM RPBRLukUloqPoLHTHEvFtTGN_r8ux5f7B9zprZNeRfl46HCoOqAwAwz59yO6KhlMX44PweRKE3GRNIp3UPJnaau7nDobY80_bL6tAaqAE7JP84VpjjKHBml2b7xLfRPyMsaX6ZiRDuWQ iZVJVcT doi0jUxs82paCV o7jDCJg kl6nDJiLUclzG04cZxo149J79 Tqw9 TW4ReqOgdi7qYugLAIVFdgu3Htr cu15EIuBcxvD0SbE_9gTny4pZ0TG32AV3HLOfFGfDH67iS2k8sZAlygvKGLBDhDQY54VhE00lbJldp4DiFDpAxUhf_OPxev5aRt7UQWxanvOzZu9nUj5Sgsb21RzXZiqLSIW0qchEtKDLw6UI2e2WTv5hPk NetlA6lfZABDtq4OsLizQq2zjbPAo8foDTj Hqr0zOJ5XUi1PYo1AqUvyuDHevE_zaf98TXh4FBB6EhQg eDlDtUUmP0fDLBNiMVInIgn0mBA5tIUW1n_aNOGG227UVu9MWsIg2thUtC1a7kt_sa7SVm04Bl xVR8T5K0qo1tBnQovuUqWRpBHzRKRn5YNm_Off37KyMqycpDG4hm0ITjY

http://www.vaultsfarmhosting.com/TPvuNCijy27UxWc0GGyKfWdSKX3kplpV6dq2I7McNGtVxsoMUYzk184lvQO9Sh1rbi w_Ap9DCK6VlGJunuT5cG9pYIdizv5onQB90JvCKpinhHERazt_qunii_CnpZIv4f6eY7rbfSH kTAUOntdVkoQ6XMU6OtvrxLF3DxGlKQcy7zYumBhcYVWsVR vXNo5dNUVA_g9XwjvJFA5OXrZyr4Q6LEpMG0 9fngH1bOG_O0jO_FI=-G20AAORwXUznqdU9ADc4cEqoxGJJ04BGHHbAjG8y_GCN29ZgUS9DnrECmLsz1OUkcdFxEA5G9UJKpp9JigFCSM4b4MkrH7Wx9ajgqLuJP4z9BQcCjLNflzzhfPY=

http://www.downloadpresentcity.com/FJdKJSTneeDXBEplvumjKFKoN nJJjyNRP7xNbn4FyVs9ppfFDf4kHcpABH52gT4fH3MpT2eX4Am1p8YJoOppodVQDcP1AtNMVrlHJ2rUZKXbuQiZyLBnb9WSDaGuZQhxK8rE_p1Vyzn4riEJzzBXnjpnO4WQzcq1cj_1J5ZSmaoAt2m0nx26DJnLvcbnOv9j4ebWR0VdO8IZvyfibiPDe6DfI4KVdFt qKZTdNYpV3bUzuPyuM=-G1kDAGSedtEfDy0C9zOAl16eiYKJHLC3xRDzSey9ceDJGiM_i8Dc8mMs rMjn7He7znLtOn0M42Xz2ODMK93xoCGzkXyyuBprIbYQsBkSofvJshhV82pQODq8nAdpuO1Seo4SPX1Hfu5cW 9mpo8TCfy1v1JWBiGQK8dUlrQR9Swfv71Iv6GFY2Xvcka04JSCmMv7sa0JP2_jBQjXdVw wDuaywty2RYJ8QRybDIDZrG73boTMnV7nZk3eyIuHv0RTJJLOfKU bUzzjdfSZMzy_aTr7MLM ExNRLVRbSHGPoFUYrLKJyfmGzF5vK PZVBFhjQFDaF0o_cZv rmtIuiIeXRhGYosDb6hpbPErFvUMolkvUVFx8Da4QqmTelGttd3L0XzSHNYS3H3qUHDbIeqZplAsyDW0WVgwexAl7IAgehIjvV9ccSYrfiiStzQP1Sp21rtZslQ3DvbQPxTDoMylDphrBbn5UmCzabWJ0Q6Gz4i7545T9SGgy tXVtdZhcgTMsIn9NHKqs1m7vNJjO_E6mrmTVC1ziNy88FW1dnv3DLv6Nqyg4IYY6hHq_bUXYGVtuPOkGIH3JTpNDsoLxh0t4KU6R _GWqktnjztCcHarWzqMI9BD2bEyBPeUAbotmLJKCT_qw4GpyzviVYrtg8tRxxXMmd_hxSqrqkeJdFhgzVjg9lMW2ANoFgPu2xUC0wRRwguG7C5I8

http://www.vaultsfarmhosting.com/c?x=t4KiGb8hncNLpulYzu8VhjbryaWCjStnyvUrCpjIDNY=&c=PjmMYmYMTPCxHAV9p7enwxjr8UZ6QqynG29JcsGCz5hkv2Ofcr fg0WUYq3mlJi0WZh8clbHoSsixpA6c54FJywNcSMchiGp9nYV8zY6r5rhwoE8caYSV02HGFFwct26dzb8eZLa2wJIppsgV/zT3A==&e=0&downloadAs=passware-password-recovery-kit-professional-11.7.exe&fallback_url=http://pf.benjaminstrahs.com/s/1467727125/en/2/.../231876-668453-passware-password-recovery-kit-professional.msi

http://www.universequicksigns.com/c?x=Y8D2sK8bNo7sEd6lu3PiNZCaJl4JryUUJQ CAyWM/yE=&c=NbJ4lLo5mHYs1UC5n ZX0NClcSRKGNCGobXSMkiN76E/m5/hf y1ePHBH1Wo1qzh6G4UhP8NEVndS7dUPn7etK6MUIYfHIgvTw3C3ZwT8dgcw4SRZgY6BsF4GlnBovomTu64gAXkfU6oueibqAxYow==&e=0&downloadAs=passware-kit-professional-11.7.exe&fallback_url=http://pf.benjaminstrahs.com/s/1463694193/en/2/.../233545-670708-passware-kit-professional.msi

Scan passware-password-recovery-kit-professional-11.7.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.