home

نظريتا الباقي والعوامل.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download681.mediafire.com and multiple other hosts.
Description:
Slide Show

Version:
0.0.0.0

MD5:
4a3919c3e6c1a76c8fd1f39d4385d106

SHA-1:
76c97484224a10cdb5747c5bdc3acb7c4e4b26a0

SHA-256:
89f4f11d47518fe9b7bbf8ae0631af5281128c347001b3e8635baec69e44e7bc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/5/2025 11:25:14 AM UTC  (today)

File size:
7.6 MB (7,934,331 bytes)

Product version:
n/a

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\نظريتا الباقي والعوامل.exe

File PE Metadata
Compilation timestamp:
11/8/2011 12:34:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:HMuzpy8TGzBHlPh0MUp9puVtjDPmbI7AFYmis1u+shc:HMYp5aFunpmtj6k7AAgbsq

Entry address:
0x1000

Entry point:
68, 01, 60, A4, 00, E8, 01, 00, 00, 00, C3, C3, CA, 36, D3, 0A, A5, C6, DA, 00, 2C, B5, 8E, FD, EB, 75, 6B, FD, 1C, 0B, 19, 81, 54, 30, A5, 33, 6E, 56, 29, 18, BB, F2, 79, B3, 10, DC, B8, 2A, 55, 52, BB, C4, 94, 42, 16, 1B, B8, 50, D3, 18, 5D, D1, 1A, 52, 1E, 15, 0A, D9, E6, 4B, 9B, FE, A8, 07, AD, B8, E3, 8B, DF, 9E, 8F, B3, F0, DE, 07, 32, D6, B2, 6D, 30, 43, 56, 2A, 26, 39, D6, B2, 11, B5, 23, FD, ED, B0, A9, E0, 92, 68, C5, 8B, 6C, 0D, D8, E5, 7D, AA, F3, 07, B5, 17, 60, E5, 15, 5F, D3, 4F, 01, 7D, 0D...
 
[+]

Entropy:
7.9984

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
104.5 KB (107,008 bytes)

The file نظريتا الباقي والعوامل.exe has been seen being distributed by the following 3 URLs.

http://download681.mediafire.com/5p8sm2ftoocg/.../?????? ?????? ????????.exe

http://download1.mediafire.com/ecij0alzmrvg/.../?????? ?????? ????????.exe

http://download1.mediafire.com/bdu09zrvoo3g/.../?????? ?????? ????????.exe

Scan نظريتا الباقي والعوامل.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.