home

sc2011w.exe

Descompresor

Eco-Horu

This is a setup program which is used to install the application. The file has been seen being downloaded from eco-horu.com.mx.
Publisher:
Eco-Horu

Product:
Descompresor

Version:
1.00

MD5:
fea336e3e487fbb76313b006564b7aa4

SHA-1:
1a85da4b13c4d7085d82f353f86945fcf8cc3c69

SHA-256:
f2bd1577245116d0ff5e7d428c541d0bef3958a51c77c72c8c316076572068df

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
5/26/2024 2:36:51 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6379

Qihoo 360 Security
HEUR/Malware.QVM03.Gen
1.0.0.1015

Trend Micro House Call
Suspicious_GEN.F47V0314
7.2.156

File size:
2.4 MB (2,479,256 bytes)

Product version:
1.00

Original file name:
Decompresor.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\users\{user}\downloads\sc2011w.exe

File PE Metadata
Compilation timestamp:
10/25/2006 6:14:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:PNnoQs3e8YMQr6Slg950La+dOERIVQnWLp7zR3jnNvB07clVm0jPu:PNoJJQeSVpdObmn0p7zR3jnN+7Uhzu

Entry address:
0x118C

Entry point:
68, 90, 16, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, E7, E4, B9, 52, 24, 08, EF, 4B, 92, 7F, 11, DD, 01, DC, 1E, A4, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 44, 65, 63, 6F, 6D, 70, 72, 65, 73, 6F, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 02, 38, 5E, F0, 93, AB, 91, 68, 43, BE, 22, 29, 81, E5, 70, 49, 26, 9C, 2D, 16, 44, C1, A5, 06, 42, 93, 03, 05, 2B, A8, E1, 4B, 63, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
52 KB (53,248 bytes)

The file sc2011w.exe has been seen being distributed by the following URL.

http://eco-horu.com.mx/ARCHIVOS/.../SC2011w.exe

Scan sc2011w.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.