home

windows7oeminfoeditor.exe

The executable windows7oeminfoeditor.exe has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from antoniocampos.no-ip.com.
MD5:
6f0f59c986895341e67f64d962170e40

SHA-1:
3bf2214cfb46a39db2a5b1c2ad39ae35e5100114

SHA-256:
8a979fd4d2bfeeb8725b08cda84edf825d704612f5dc0315ac64c1df9649784b

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
4/25/2024 6:47:12 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Apanas [Trj]
160518-2

AVG
Worm/Delf.FF
2015.0.4604

Dr.Web
Win32.HLLP.Neshta
9.0.1.05190

ESET NOD32
Win32/Neshta.A virus
8.0.319.0

F-Prot
W32/HLLP.41472
4.6.5.141

Microsoft Security Essentials
Threat.Undefined
1.225.469.0

File size:
118 KB (120,832 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\windows7oeminfoeditor.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1536:JxqjQ+P04wsmJCgZ/zQcdtXpDnKuQz5cz:sr85CgZ8EtXdnKu2I

Entry address:
0x80E4

Entry point:
55, 8B, EC, 83, C4, E0, 33, C0, 89, 45, E0, 89, 45, E8, 89, 45, E4, 89, 45, EC, B8, 54, 80, 40, 00, E8, 12, BE, FF, FF, 33, C0, 55, 68, 20, 82, 40, 00, 64, FF, 30, 64, 89, 20, B8, A8, 91, 40, 00, B9, 0B, 00, 00, 00, BA, 0B, 00, 00, 00, E8, 5C, EF, FF, FF, B8, B4, 91, 40, 00, B9, 09, 00, 00, 00, BA, 09, 00, 00, 00, E8, 48, EF, FF, FF, B8, C0, 91, 40, 00, B9, 03, 00, 00, 00, BA, 03, 00, 00, 00, E8, 34, EF, FF, FF, B8, DC, 91, 40, 00, B9, 03, 00, 00, 00, BA, 03, 00, 00, 00, E8, 20, EF, FF, FF, A1, 10, 92, 40...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
29 KB (29,696 bytes)

The file windows7oeminfoeditor.exe has been seen being distributed by the following URL.

http://antoniocampos.no-ip.com/Software/.../Windows7OemInfoEditor.exe

Remove windows7oeminfoeditor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.