home

prodemo.exe

Proteus 8 Demonstration

Labcenter Electronics

This is a setup and installation application. The file has been seen being downloaded from vrmaload.com and multiple other hosts.
Publisher:
Labcenter Electronics  (signed and verified)

Product:
Proteus 8 Demonstration

Description:
This installer database contains the logic and data required to install Proteus 8 Demonstration.

Version:
8.4.21079.0

MD5:
4fc5e4aafaf9119b26aff139b6dfbcc1

SHA-1:
fa25217cabb75f182cba5dddf839e6afe610be9e

SHA-256:
06a09f181c918e4d36d2035be49342cdb3abb17e650d19818820625dc46bde4c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/24/2024 7:44:57 AM UTC  (today)

File size:
267.2 MB (280,152,664 bytes)

Product version:
8.4.21079.0

Copyright:
Copyright (C) Labcenter Electronics

Original file name:
setup_demo8.4.21079.0.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\prodemo.exe

Digital Signature
Signed by:
Labcenter Electronics

Authority:
COMODO CA Limited

Valid from:
7/18/2014 7:00:00 AM

Valid to:
7/18/2016 6:59:59 AM

Subject:
CN=Labcenter Electronics, O=Labcenter Electronics, STREET=53-55, STREET=Main Street, L=Skipton, S=North Yorkshire, PostalCode=BD23 5AA, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00998D4A34793D9D0221FC3316727E1332

File PE Metadata
Compilation timestamp:
6/6/2011 6:54:16 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6291456:zm9VpNVlszlTgl+MWthOWrd6xmaXLHdobIwd/urLdK:cvkztgbczrUxbHdeLd/uXdK

Entry address:
0x2C65E

Entry point:
E8, 8F, 91, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, 56, FF, 75, 10, 8D, 4D, F0, E8, 89, FA, FF, FF, 8B, 5D, 08, 33, F6, 3B, DE, 75, 2F, E8, 3B, 2B, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, C3, 2A, 00, 00, 83, C4, 14, 80, 7D, FC, 00, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, E9, C0, 00, 00, 00, 57, 8B, 7D, 0C, 3B, FE, 75, 2F, E8, 04, 2B, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, 8C, 2A, 00, 00, 83, C4, 14, 80, 7D, FC, 00, 74, 07, 8B, 45, F8...
 
[+]

Entropy:
7.9961  (probably packed)

Code size:
246.5 KB (252,416 bytes)

The file prodemo.exe has been seen being distributed by the following 8 URLs.

http://vrmaload.com/?smd_process_download=1&download_id=322

http://ultradownloads.com.br/.../2,1175477.html

http://download.freedownloadmanager.org/Windows-PC/.../FREE-8.0.15611.html?acdfa

http://dl3.vessoft.com/files2/p/proteus_windows/8.4/.../prodemo.exe

temp:prodemo.exe

http://s3.amazonaws.com/labcenter/.../prodemo.exe

http://www.labcenter.com/redirect.cfm?go=prodemo_download

http://proteus.software.informer.com/.../

Scan prodemo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.