psgold_70_3514.exe

Photodex Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from www.towerbitscenter.com and multiple other hosts.
Publisher:
Photodex Corporation  (signed and verified)

MD5:
5d103d897ce6073616d4333d6016fc47

SHA-1:
0893f922d020e2790bd799bd6610787613df43d8

SHA-256:
fbd21f2eb5d35ec2926ee7e07880926580c079919d925c942aa942d57bc4fe67

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 9:16:23 PM UTC

File size:
44.7 MB (46,883,848 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\photodex.proshow.producer.&.gold.v7.00.3514.incl.patch-kng\psgold_70_3514.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/4/2012 7:00:00 PM

Valid to:
8/29/2015 6:59:59 PM

Subject:
CN=Photodex Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Photodex Corporation, L=Austin, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1C403FB86E672A8DDCEB3F3B12772181

File PE Metadata
Compilation timestamp:
12/15/2011 11:40:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:ANqV2zxR7G8V7JYJSCjjYQY08f2doIuqTL/+OEc/lnHhIbC+D1gYTDOrsfbgNhOe:axHtYJNC1qTL2yZHhIrD6rsjMh3

Entry address:
0x5404

Entry point:
55, 8B, EC, 6A, FF, 68, F0, D1, 40, 00, 68, BC, 78, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E0, D0, 40, 00, 33, D2, 8A, D4, 89, 15, D4, 24, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, D0, 24, 41, 00, C1, E1, 08, 03, CA, 89, 0D, CC, 24, 41, 00, C1, E8, 10, A3, C8, 24, 41, 00, 6A, 01, E8, 02, 23, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, AD, 20, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...

Entropy:
7.9981

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
48 KB (49,152 bytes)

The file psgold_70_3514.exe has been seen being distributed by the following 14 URLs.

