» windjview-0.5.exe
Overview
Analysis
File Details
Programs (1)
Downloads (28)

windjview-0.5.exe

WinDjView

Andrew Zhezherun

This is a setup program which is used to install the application. This is installed with WinDjView 0.5. The file has been seen being downloaded from doc-0g-1o-docs.googleusercontent.com and multiple other hosts.

File name:

windjview-0.5.exe

Publisher:

Andrew Zhezherun

Product:

WinDjView

Version:

0.5

MD5:

d152358c41d73dfa3157a9efe06bc881

SHA-1:

bd9905e3490b6918a17f756b5be021f0cc9679d5

SHA-256:

3ecccbb4ac2793478e2907d8338f8e9dbb9cead9c626e9c8b6cdad8c2c2d933b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 4:01:52 PM UTC (today)

File size:

508 KB (520,192 bytes)

Product version:

0.5

Original file name:

WinDjView.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\windjview-0.5.exe

File PE Metadata

Compilation timestamp:

5/25/2007 7:33:51 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

12288:cFX5C2MBw0BVwSyG/XgWU5KZDGBvQYOGaKW22RmWveaoS:cxb4NtgWUgZ6Bv5BW225

Entry address:

0x175910

Entry point:

60, BE, 00, B0, 4F, 00, 8D, BE, 00, 60, F0, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 10, 31, 17, 00, 57, 83, C3, 04, 53, 68, 0D, A9, 07, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Entropy:

7.9733 (probably packed)

Code size:

496 KB (507,904 bytes)

The file windjview-0.5.exe has been discovered within the following program.

WinDjView 0.5 by Andrew Zhezherun

Publisher's description - “WinDjView is a fast, compact and powerful DjVu viewer for Windows with tabbed interface, continuous scrolling and advanced printing options. It uses the free DjVuLibre library to decode DjVu documents.”

windjview.sourceforge.net/ru

6% remove it

The file windjview-0.5.exe has been seen being distributed by the following 28 URLs.

https://doc-0g-1o-docs.googleusercontent.com/docs/securesc/d9vijefhk798r5l1bpcjcve1sqa9sgn9/8pghjke0d5lfkgbs8ukhtr9142ofh7va/1483538400000/15843283068062252732/.../0B4qhm4mXspd_cjJVZkdVaWRlRGM?e=download

https://drive.google.com/a/.../uc?id=0B59Wz_al9wlZVXJpVUZHbDhwRXM&export=download

http://www.headapplicationconecpt.com/WVl6OTRQVzVQSlRKR1F6TmxWMFIwTWpsTkpUSkNUa05NZDBKb1ozaHBTMWhwTUhWVmQzZzFTMkY2VG1oVVkyeFVSV3hqSlRORUptTTlZVk5xYUZWbVIwbEJSWFZNUW5WYU1TVXlSa1JLTmpWRU5EaDVUMVZZWlU5UFRtSjBjR3RtU2xreVNtNWhlV3hCVTFvM1J6TkhPWFZqUlhkMmNXRkViR1oyZWs1dVQzTlVSSFJKY0RkSFFtbDNlbTFZY0ZoR1pqZzNUMGRLYURWQ05FRk1TRXMxVEZwSlRVVkNTbXB3VnpWTU5tOXNSbUZYTW00NWExTjRNRmQ0VTB4WmVFNWFiQ1V5UWxNbE1rWlNOSEJzTWpWRkpUSkdkVlpaZEdjbE0wUWxNMFFtWlQwd0ptUnZkMjVzYjJGa1FYTTlkMmx1WkdwMmFXVjNMVEl1TUM0eUxtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbkJtTG1KbGJtcGhiV2x1YzNSeVlXaHpMbU52YlNVeVJuTWxNa1l4TkRZeU56azBPVFV4SlRKR1pXNGxNa1l6SlRKR055VXlSak0zT0RFNExUZzVOREV6TFhkcGJtUnFkbWxsZHk1bGVHVT0=

https://onedrive.live.com/.../ 0MrNvvE=6&ithint=.exe

http://dc414.2shared.com/download/.../WinDjView-05.exe

http://smibooks.ru/book.exe

http://www.astro.spbu.ru/conf/ambarz-100let/.../WinDjView 0.5.exe

https://installers.phpnuke.org/?ic_user_id=327

https://doc-0g-bs-docs.googleusercontent.com/docs/securesc/2a0vv7l67h7p7gsbpj5r6tsf08rjshsi/d263gqtkpogcd4sk5au222hg927i9u8f/1470837600000/16096429429912221487/.../0Bxb0JrtIt_zZenhPc1ZOYnZoX0E?e=download

http://dc619.4shared.com/download/.../___DJVU.exe

https://www.dropbox.com/s/.../DJVU Viewer.exe

http://download1759.mediafire.com/4c38k5iw8rmg/.../WinDjView-0.5(2).exe

http://192.168.1.103:55432/file/MicroSD/.../DJVU Viewer.exe

https://docs.google.com/uc?id=0ByWgdjyKpzPDcnd5S0xpdmVSYTA&export=download

http://elearning.usm.my/1516sem1/mod/.../view.php?id=5004

http://www.electricdom.ru/.../WinDjView-0.5.exe

https://drive.google.com/uc?id=0B5ppmHAlS2FFaTNZM0VlUmNxOUU&export=download

http://chytanka.com.ua/ebooks/.../WinDjView-0.5.exe

http://www.alleng.ru/d_ar/.../WinDjView-0.5.exe

http://www.djvu.com.pl/.../WinDjView-0.5.exe

http://djvu.org/resources/windjview/.../WinDjView-0.5.exe

https://doc-08-ak-docsviewer.googleusercontent.com/viewer/securedownload/ptuqemsiq06hrtogtkut6f2e6b88kpkm/38h22h338av9si6gokvdgred084ht6oi/1374288300000/ZXhwbG9yZXI=/.../MEJfYkZPcmlQcUJscVptRmxaR1prWWpJdE1XWXlPUzAwWkRFMExXRmtNamN0TURrMU56WTROek01WTJFNA==?sec=AHSqidZ_IlrpMdZNvQIlKLSZeVn1eo9ggGLtfFyvVuYXwL2hgqT_mJZtXNkr76Cj-VOOV89G_xj3&a=dl&filename=Tafsir Ibnu Katsir Juz 10.rar&rel=rar;r2;DJVU Viewer.exe&nonce=b6sf3vl7iuk8e&user=AGZ5hq9QMjena-uv8mDx-sL467Ze&hash=3hb4drm8nr2p4u5s02qbhe5edrtrliel

http://heanet.dl.sourceforge.net/project/windjview/WinDjView/Old Versions/.../WinDjView-0.5.exe

http://downloads.sourceforge.net/project/windjview/WinDjView/Old Versions/.../WinDjView-0.5.exe

http://d110.cdn.m6web.fr/longtail/0080/.../WinDjView-0.5.exe

http://d210.cdn.m6web.fr/longtail/0080/.../WinDjView-0.5.exe

http://lb.cdn.m6web.fr/d/c/a/9eb82d266b18bf155bde773151191f49/53bffa02/longtail/0080/.../WinDjView-0.5.exe

http://longtail.archive1.clubic.com/files/26a6e31e16f07cf268ee3d843792ee98/52d80630/longtail/0080/.../WinDjView-0.5.exe

Scan windjview-0.5.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.