home

المساعد في استمارة الجوازات.exe

Project1

BKHN

This is a setup program which is used to install the application. The file has been seen being downloaded from dc723.4shared.com.
Publisher:
BKHN

Product:
Project1

Version:
1.00

MD5:
8220d00e34f4c95825e8db33b89a5fb4

SHA-1:
110dd0e82f1f405c5738acbca912bd234a25ecb5

SHA-256:
b6c0c53d61fbad3b42ef3529adc78cbc4bbdc38f7176d425f8274f47f1fe8229

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 12:37:26 PM UTC  (today)

File size:
640 KB (655,360 bytes)

Product version:
1.00

Original file name:
المساعد في استمارة الجوازات.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\المساعد في استمارة الجوازات.exe

File PE Metadata
Compilation timestamp:
6/22/2013 12:25:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:4OfsAISZoYTF8Blrnod39vxoi0l8/9ltXM2fF6dT2IBN/qF88BKS:4PAISKYTmGRjDtXlfFYyIH8B

Entry address:
0x1088

Entry point:
68, F4, 2A, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, E2, 65, C1, 1B, 4C, 70, 8A, 4D, 87, 57, B3, 41, 65, 29, AC, 44, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 4E, CB, A7, D4, 18, 97, 1C, 5F, 4B, 99, 18, 50, 55, 8D, B9, 8A, EB, C1, 4C, DB, B5, 0E, BC, 20, 40, A9, C7, 5C, B6, 94, 0D, ED, B1, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
7.6295

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
632 KB (647,168 bytes)

The file المساعد في استمارة الجوازات.exe has been seen being distributed by the following URL.

http://dc723.4shared.com/download/.../___.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.