home

prim_loader.exe

Zimin Sergei Aleksandrovich IP

Publisher:
Zimin Sergei Aleksandrovich IP  (signed and verified)

MD5:
3d389069ad7889dc46f904620486a2f1

SHA-1:
e5d377f4972c3129462446de60817f8d24bf32fa

SHA-256:
1ef0aba189d2a6132a27a50392ee2f5f919e3876c31581bdd94ce82ad1880263

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/25/2024 11:31:28 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Norman
Malware
11.20140316

File size:
331.3 KB (339,248 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\примерчик\prim_loader.exe

Digital Signature
Signed by:
Zimin Sergei Aleksandrovich IP

Authority:
The USERTRUST Network

Valid from:
1/24/2011 4:00:00 AM

Valid to:
1/25/2012 3:59:59 AM

Subject:
CN=Zimin Sergei Aleksandrovich IP, O=Zimin Sergei Aleksandrovich IP, STREET=34/6-36 Leningradskaya ul., L=Murom, S=Vladimir rgn., PostalCode=602205, C=RU

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
008E477F257A255CC19F18A2C51B64988E

File PE Metadata
Compilation timestamp:
11/30/2011 12:28:16 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:r50wjQo04CwTLnrtigMnDidY0N0xvd8h24vzHiDUcP62L0SsI4Tz42B2AeEyG6B9:r5RjQH4LigMDidK6bvzw6eEyJBrzeZDm

Entry address:
0x4D9B8

Entry point:
55, 8B, EC, 83, C4, F0, B8, B8, 89, 44, 00, E8, 78, C1, FB, FF, B8, 24, DA, 44, 00, E8, 56, D1, FB, FF, 8B, 15, DC, F1, 44, 00, 89, 02, A1, DC, F1, 44, 00, 8B, 00, E8, 5A, D4, FB, FF, A1, DC, F1, 44, 00, 8B, 00, 33, D2, E8, CC, EE, FB, FF, 8B, 15, DC, F1, 44, 00, 8B, 12, A1, 54, F3, 44, 00, E8, A6, A4, FF, FF, A1, DC, F1, 44, 00, E8, 68, E2, FB, FF, E8, B7, 86, FB, FF, 00, 00, 00, B0, 04, 02, 00, FF, FF, FF, FF, 0B, 00, 00, 00, 70, 00, 72, 00, 69, 00, 6D, 00, 5F, 00, 6C, 00, 6F, 00, 61, 00, 64, 00, 65, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
305 KB (312,320 bytes)

Scan prim_loader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.