home

puush_is_still_sorry.exe

puush

Dean Herbert

Publisher:
Dean Herbert  (signed and verified)

Product:
puush

Version:
1.0.0.0

MD5:
b8bbef3f4d7ba13c5bde0849731718dd

SHA-1:
94ae2e5328e804a5faf53d72b146b1d63937d48f

SHA-256:
4e2e5537cd25d8389efb814c8494896408697095a19e6972a6d8e2e17d6d9601

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:05:19 AM UTC  (today)

File size:
574.1 KB (587,848 bytes)

Product version:
1.0.0.0

Original file name:
puush.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\puush_is_still_sorry.exe

Digital Signature
Signed by:
Dean Herbert

Authority:
COMODO CA Limited

Valid from:
9/27/2012 6:00:00 PM

Valid to:
9/28/2015 5:59:59 PM

Subject:
CN=Dean Herbert, O=Dean Herbert, STREET=41 Gregory Street, STREET=Wembley, L=Perth, S=WA, PostalCode=6014, C=AU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FD15503D4AF404C84200F5CCC3C99380

File PE Metadata
Compilation timestamp:
3/31/2015 6:58:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:393wni429Ai6i3wnjr3wn447yA1+k0gCbaa85:BY2dSk7Lb0vbLO

Entry address:
0x264F0

Entry point:
FF, 25, E0, 64, 42, 00, 00, 00, 5F, 43, 6F, 72, 45, 78, 65, 4D, 61, 69, 6E, 00, 6D, 73, 63, 6F, 72, 65, 65, 2E, 64, 6C, 6C, 00, D9, 76, 05, 00, 7B, 7A, 7D, 01, 00, 20, 07, 00, C9, 76, 05, 00, 00, 20, 07, 00, EC, BD, 07, 5C, 14, D9, D2, 37, DC, 33, E4, 9C, B3, 08, 28, 88, 81, 28, 08, 48, 16, 90, A0, 08, 22, A8, 80, 48, CE, 19, 86, 9C, 11, 49, A2, 80, 20, 48, 8E, 12, 14, 10, 10, 25, 48, 0E, 02, 92, 33, 2A, 39, 27, C9, 92, 43, 7F, 3D, 80, 77, 59, D7, 8D, CF, 7D, EE, 7B, DF, DF, F7, D6, DD, BA, 35, D3, D3, 7D...
 
[+]

Entropy:
7.1666

Code size:
511 KB (523,264 bytes)

The file puush_is_still_sorry.exe has been seen being distributed by the following URL.

https://puush.me/.../puush_is_still_sorry.exe

Scan puush_is_still_sorry.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.