update_org1.2zu1.3.exe

Paquet Builder

This is a setup program which is used to install the application. The file has been seen being downloaded from www.rjosephs.de.
Product:
Paquet Builder

Description:
Paquet Builder - Enhanced Self-Extracting Zip Archive.

Version:
1, 5, 0, 2

MD5:
8d07e74bc151d217d4f028f779cd91d0

SHA-1:
a3ef8dc8fbdb9fe44d48eae18151a12fb77293e3

SHA-256:
dc7db722337f6b6a7c2303375bc834094a668f5a651da54cff3a714bb01c0437

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/26/2024 2:09:13 AM UTC

Scan engine         Detection                    Engine version
Comodo Security     TrojWare.Win32.Kryptik.ATA   17659
IKARUS anti.virus   Virus.Win32.Heur             t3scan.2.2.29

File size:
2.3 MB (2,409,697 bytes)

Product version:
2, 5, 0

Copyright:
Copyright © 1999-2000 by Guillaume Di Giusto. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\update_org1.2zu1.3.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:9HgC8VSMtsMcN2Riykx2fj/lbBeoGvEX+eJMHQKDlMJVN8OrjgWF0AQ:2G4NW9qTea+93DlsVQ0w

Entry address:
0x22001

Entry point:
60, E8, 70, 05, 00, 00, EB, 4C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 87, DB, 90, 00, B0, 41, 00, 08, B0, 41, 00, D4, 94, 41, 00, 10, C0, 41, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 20, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, BB, A4, 39, 44, 00, 03, DD, 2B, 9D, D5, 39, 44, 00, 83, BD, 04, 48, 44, 00, 00, 89, 9D, 04, 48, 44, 00, 0F, 85, 66, 04, 00, 00, 8D, 85, 0C, 48, 44, 00, 50, FF, 95, 18, 49, 44...
 

Packer / compiler:
ASPack v2.000

Code size:
92 KB (94,208 bytes)

The file update_org1.2zu1.3.exe has been seen being distributed by the following URL.

Scan update_org1.2zu1.3.exe - Powered by Reason Core Security