» presviewer.exe
Overview
Analysis
File Details
Downloads (4)

presviewer.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s6406.chomikuj.pl and multiple other hosts.

File name:

presviewer.exe

MD5:

5a71c8f21add7fae2278bed11b5423c3

SHA-1:

7f480a7752fd70526ad76d03ef1903584ff5dbbb

SHA-256:

771d92c80166f5828b6073a11b68c643ff82e3b09f2328ccad2f3ab742a8facf

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

6/22/2025 10:16:18 AM UTC (today)

File size:

91.5 KB (93,696 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

9/5/2004 3:38:56 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Linker version:

6.24

CTPH (ssdeep):

1536:vNgSrm563UZXYr8l6Z7kbDfzJ60UUR0qxTv70Q0ARq2I/Zu/vQDxkqZ3KJg/FyAF:lgYm4oYrE6uxj70z2I/1DxLZ3vsHUp

Entry address:

0x1C18

Entry point:

0D, C0, A0, E1, F0, 58, 2D, E9, 1C, B0, 8D, E2, 04, D0, 4D, E2, 00, 70, A0, E1, 01, 60, A0, E1, 02, 50, A0, E1, 03, 40, A0, E1, 12, 00, 00, EB, 04, 30, A0, E1, 05, 20, A0, E1, 06, 10, A0, E1, 07, 00, A0, E1, E8, 03, 00, EB, 00, 40, A0, E1, 20, 40, 0B, E5, 01, 00, 00, EA, 00, 40, A0, E1, 20, 00, 00, EB, 04, 00, A0, E1, 1E, 00, 00, EB, F0, A8, 1B, E9, 04, E0, 2D, E5, 00, 10, A0, E1, 00, 00, 91, E5, 00, 00, 90, E5, 50, 00, 00, EB, 00, 80, BD, E8, 04, E0, 2D, E5, 20, 10, 9F, E5, 18, 00, 9F, E5, 07, 00, 00, EB... 
[+]

Code size:

81.5 KB (83,456 bytes)

The file presviewer.exe has been seen being distributed by the following 4 URLs.

http://s6406.chomikuj.pl/File.aspx?e=LmfFW0LJdXN8BrD8JDZvkSkmf-nV2hpbpCF2brDl3hhUguHukCN105I3RKS4R1UWQuNgmEpmDLqH00wZoFgvpH8NuVnln8mY6l7Q5ai9GprMsl0ArBSkH3owx6-B0WmGcoZV8mKk9cZXq30Tnm7LXw&pv=2

http://s10044.chomikuj.pl/File.aspx?e=LmfFW0LJdXN8BrD8JDZvkRuhXXZFd0DlFLzEiFNnHhZZzHQZyB91KUjh16ZHVbnISIyc6YNJsm4Pz1qzGG7VaJmrQNG5yioh6xvQEvIynVjtmG9Sg2BA2dTS7HuLD-YGFBRKpEBNXhw1VqNF6FN9Cg&pv=2

http://s6406.chomikuj.pl/File.aspx?e=LmfFW0LJdXN8BrD8JDZvkYLDTKkd6yhfHB74Qja4UZHAr92Sn5kc5xIj8NyiJolrZQ2T3uqOMjuVQ7ReceW1aIcb7aY9isuJMa_vHBW1Z8a6zLsY9-uUal262MvV5d_jBTdNl-Zq2WpoD4xuEncB4g&pv=2

http://s10044.chomikuj.pl/File.aspx?e=LmfFW0LJdXN8BrD8JDZvkTgtcNXtuD1BYUq3i4OBMA3j9vlditcs1-tZllNvFnlHUHw9hicWSmBVoo85nRnMiOwoiXCdLvAfUlb336DGwW7LQkaZbvBoY1sXQhcw8Ro0LiGLwJC892fCW0-wg6HwYQ&pv=2

Scan presviewer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.