home

phototocartoon_setup.exe

LiangZhu Software, Inc.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.downloadpresentcity.com and multiple other hosts.
Publisher:
LiangZhu Software, Inc.

Description:
Photo To Cartoon Setup

MD5:
f5f991e1c1cfe49e5fe74c64166cb946

SHA-1:
08a60153e7007218eca6fa31b2c5a17073dbf4d3

SHA-256:
3a16ab178636326bfb9ecedc5d1462c29f194f52a3ef1488676727573c6892da

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 9:19:17 PM UTC  (today)

File size:
839.7 KB (859,894 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:jmkOy/h5EX8s8D66MLiyHXG45jTi4fz4TMKb+EH4dsZJg9AHJismIniN28eJv1oa:jfOybxDD0DXTFB0/4ab3HMs028CmjtOj

Entry address:
0x98D8

Entry point:
55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, EE, 97, FF, FF, E8, F5, A9, FF, FF, E8, 20, CC, FF, FF, E8, 67, CC, FF, FF, E8, 0A, F3, FF, FF, E8, 71, F4, FF, FF, 33, C0, 55, 68, 82, 9F, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 38, 9F, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, 9B, FE, FF, FF, E8, 26, FA, FF, FF, 8D, 55, F0, 33, C0, E8, E0, D0, FF, FF, 8B, 55, F0, B8, D4, BD, 40, 00, E8, 9F, 98, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, D4, BD, 40, 00, B2, 01, B8...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)

The file phototocartoon_setup.exe has been seen being distributed by the following 2 URLs.

http://www.downloadpresentcity.com/La84WhKKoTkCWSOaKAj6w9wgKIuVPsMVQPCeqo8nXKnw9zltJYXZJpQVRzJKH1mFmMV3mDfnxixYikfGcp Nnjw_Ao_gOhDGgbk5 6XQYNu6b1f18LwBdYFy16ujooRoijcSPbSgiXuS0pGFcICmKaEfZK Q9f6NKK9gT_HjbZcelnki5horjMqo4WVeeTTvGqNmzrA6-GxkDAGTSLaosOMED94qINhlMV1GYyAF7Wwwxn8TeGweerDHyswjMT7mt9dzsxTZ_8R6rIleg10u28wOYiOHpN6 6ZAcjTLtNEKm 9K9522zLQZ78VQe40rJMoeSd_65HwkeshTgEqtruZCwNNlZSvIdsj4z9nOhua1_ J7LzDKlSP17jadmWnEwuLlpL SQaB8MuxVI3Phyt7NvHWPtZ2H7ZCynNW9lE2oWBtM07V4q_PYlbpgDIoDG3w2DjWvPZvRKFcv04PNXn6HnWckfDiaAvmuoIlQLmDWtUgBaj1tlsPWsru_mOFU0Je dx_lZPN7QXLtwmUzzbp_skj vRdkbce 6LgtIi2XQbADqyY5EBiPDRXTqMqCWwMz3EpsirTxFNO4z6oEX1aO93o YfEhfE7obr64qe 3w_dS950VX53dr9yLe6V1xxRHzjPvkMLKD7ymsCDjEN9Uy67Ne7mNPRza6EeAjsJYfmzVGLmuxKQVIq6KFUgfAI2kNvLtEAKCOS6231 l5N5lUV1QI7xlIGrLKhKAtGE85dn3gPFB0gg1QtpvXo8OT0qny9nCnmrQO92Xt4s9NeCAq xQrtt0uIPRNZoM9ndyf5OyYPyBfTQcQ2WqcoQwDlUPV6SymL A4QErO46r1xNbGDikWrtVnVR89H7RrqC77e45FIMHu0jucgS AikzVPz 6qS7Hr3yx8oEDlKzC7fvRTwTiOc_xvM1PL85W2Cc5LE4fRVN pwK4ORjEAqN3OCu9m

http://download3.fyxm.net/14/.../PhotoToCartoon_setup.exe

Scan phototocartoon_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.