» webshots-desktop-3.1.3.7504.exe
Overview
Analysis
File Details
Downloads (5)

webshots-desktop-3.1.3.7504.exe

American Greetings, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

Publisher:

American Greetings, Inc. (signed and verified)

MD5:

26cb8bb8780b99bc4da905600d71ea16

SHA-1:

2093f20f264ae32bc8f5782511da7934f7ecd5e6

SHA-256:

d5406165a15a246731d7ec1dca4b184ed09fe4ca871bc778539a60e97228376a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 6:52:02 AM UTC (today)

File size:

1.4 MB (1,483,568 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\webshots-desktop-3.1.3.7504.exe

Digital Signature

Signed by:

American Greetings, Inc.

Authority:

VeriSign, Inc.

Valid from:

10/5/2006 8:00:00 PM

Valid to:

11/17/2009 6:59:59 PM

Subject:

CN="American Greetings, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="American Greetings, Inc.", L=Cleveland, S=OH, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1B19336ECEEC6FDE6D5E559B9065B037

File PE Metadata

Compilation timestamp:

1/31/2008 8:58:51 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

24576:P0w8OBDTOtWQEdt1sfPgE9isM9TEv404yAuJDVfjYUf8E:ni21sAE9xMPP1uJD5Rf8E

Entry address:

0x3F3C

Entry point:

55, 8B, EC, 6A, FF, 68, 30, 54, 40, 00, 68, BC, 40, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, AC, 50, 40, 00, 59, 83, 0D, A8, 75, 40, 00, FF, 83, 0D, AC, 75, 40, 00, FF, FF, 15, A8, 50, 40, 00, 8B, 0D, A4, 75, 40, 00, 89, 08, FF, 15, A4, 50, 40, 00, 8B, 0D, A0, 75, 40, 00, 89, 08, A1, A0, 50, 40, 00, 8B, 00, A3, B0, 75, 40, 00, E8, 10, 01, 00, 00, 39, 1D, 90, 75, 40, 00, 75, 0C, 68, B8, 40, 40, 00, FF, 15, 9C, 50... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

16 KB (16,384 bytes)

The file webshots-desktop-3.1.3.7504.exe has been seen being distributed by the following 5 URLs.

http://dw.uptodown.com/dwn/KfWK4R1He4Lt1vjJ68gZ_0iDnKbv-7uEsOxye4BX74DHfidTh-5b84_KcY3jDaGYvDcjbogETWkIaAT_gVpMT6nMZ9NTmuJyuVHtjUjJEQXh3gh5Bqzxt320aADnC9Xc/XWKKbWE5CqBkWRyyXmXHogP9zI9RGQgv80SyHP6nRa3twm2VfupE2JXINFzaI21hbTNKO1eO6uj5jviMsIFEBd84OjEkAB_7aOi7C9q3ri2eeBvjBqV_LdgioWG47Z3u/fTAyrsI0RDlq13tGT-xJntq6ljbocTyTQr4xcHNbpphIXQu7Gb_YREOTJODgvi0kOsHA_MEHORT48lCm7ftuy9EpsogCg6DYvp_C9R8S5EdL6kGv25Q2tc26_WCXKExu/.../

https://dw11.uptodown.com/dwn/IsXG1UJSUJ0jrP-f6KFT2uwbwYF9B6PxIndAiD_btfqdBCBIV94MDaniM8TLB3DxsENjKxKvaU-CxKX3faa_2wnA769cPrcabtBr-bNd1Aq2WzHZGKmsTWKNLPekdN5V/IzgJhgZ1qMtBa5vly2YizHJhWJiUhrxtTukR-VgFTYcOlvmrewpbz7IXdSQfjupt5sjgr0OJKLZBshUjRUS-1n1bkdSty70huob-jkVUnuGGkCxVHqLSM6aeJQxYoEs0/mB9fvo8ZWUxeFZZDB7AZC6GS07g07eU3L7j5rmKI9Y_nRWdK_VYeTQfDeMl5JxpdTMEPWZQf6xAdhqnSFd0M7CuGj2MYZc1WpgpdIhA1OnmQy_vuAHug3uzKbPo4joKP/.../webshots-desktop-3.1.3.7504.exe

https://dw.uptodown.com/dwn/RDhnoRvcxrykNlEeVar5hXq495DXN3xlXRbLL8ZuamHGjibGfe7GIQISxyr_KX1qvJjxGVGAe3DtbIk3agiMyssKGcNEbh4Q3A-11J7IVk7QouG39Xg8pR-CuoaEz2_g/-QM-8ecf9cxP_FwuTbZuY4TSclL1vGczl_vPPjtnL4IaNsyKENTvk0e88dxaYQZHy-NamI1upJoSL9tteAnGdSmiNaG-wRMhji-_5HymzGV2muuKBa7M-Bxblo5fw7to/q20QLKJ6_InBaXFfC6wdkcgM4KaBVZ3fhSP2OaiXbZXbOhgrOr_c_KaVhJi8FNzLKHJ_drYlaeLa1f4v11Ic5lb4pXyaoYopd-p4BLvIxCmKZnXf4cp7xMRrXFnrpuMg/.../

http://dw.uptodown.com/dwn/M2ppUlmlOEGxNDVlMfhRSf_BPSSGzRlxLiKlBfcwSk_6tdkV4TzqUERb6iFddQUrikAlMRftwS-OZDHyLMgQsGcnihGT-yx0m9tYU_Vb8TrTHXIdBGMJcimdLxLaDqRc/UR6F4jvJ1Bd0qobFbpCzDmtyk6NRCFdJYA43b-ki_QBTX9C6H5BEnMgK7Qu6kLtNuoRgNSA-QDmRaV5cFKWsQ8sGWkQk48El3h-xa-aFVBSF6hEGsEck__sNQDoP16HU/cEKyCZ5xFW53NSptlJM3eEnVstPVgbX6r0RDl10bh2c4RzRFEDlm-z0u4IQ4xINY-D4HQHE7EJXVOG_SKmPeZBaW9e9tI_Ke3bmPRB8qHpYcO1QKuIb5-vxEw1dm2HSV/.../

https://dw.uptodown.com/dwn/IW0ikjeht9wbpUdn-b02-YAABtY-1A_OFSdW2ETo0Qb5bFEXZY-9og0KUfZtm08nrvvWtWVpWu8ULoXHGNkjZc4KAHwqD7xxgYzcDSeog0LRqFvPmiQaKZEs6MKlNrNK/s8A0Dhc-fngxgz0NJtgFGpnJNpwGw_usSgFJ76TOgkQqj6iPmemChKmXnjvGEs4nOh-iJbdf2UwfHbcCTs6g7EuZXhe-x7b3eH-HU247GcGkOkA1e1NWhoaCNSzuyrwt/VYN3SAPfEwnZiC0tZ2h0lHCiKiwglG4XJmGPAj8Q3Aq-0ww6HHhc3DM8BJqSfq92uJrpc_G3UrdpEtM89XQxuYdKhJuN9tL7jtbFsD7KAptP-8eT6u4m6pRlB1-jZPD8/.../

Scan webshots-desktop-3.1.3.7504.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.