home

142.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.pachin.net.
MD5:
26cd6c1a9bed5be3f9c7d1a3d42155a1

SHA-1:
9546c96e98ffabed22c6cac739c8495993f25cef

SHA-256:
50bea57add8d187fca5b50dbb946fded1b3fb33b6fe6ffa56b6d51095aaacfd5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
2/25/2025 1:14:50 PM UTC  (today)

File size:
466.5 KB (477,696 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\142.exe

File PE Metadata
Compilation timestamp:
6/26/2007 9:22:13 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
12288:xoFdccP4vbQ9iwEVrdKXpFbZZjv832I0QcEpR/qUmxz:xoFdcQ4jQ9iwGrgrvU32I0VEpRHm

Entry address:
0x113170

Entry point:
84, D9, 84, DF, 84, DD, 19, C1, 40, F6, C0, 09, 8D, 2D, 9A, F5, 98, B2, 8D, 35, 41, 51, 26, 53, 8D, 05, C6, 54, E3, A5, 84, CA, E8, 16, 00, 00, 00, C6, C5, 00, 81, FB, 21, C3, 61, E5, 0F, AF, C7, 12, C6, 87, D9, 81, FD, 2F, 79, 00, 00, 4F, C7, C0, 6B, D1, 77, 52, F3, 69, F9, 31, 34, E9, 34, 87, C5, 85, EE, 75, 03, 0F, B7, D2, 33, DB, C7, C7, 78, FA, 62, 2C, FF, C7, 0F, AF, FE, 81, CB, 8B, 00, 00, 00, BA, A9, 44, 7C, 1C, F7, C6, 87, 7D, 9B, 9C, 87, FF, 6B, DB, 05, 0F, BE, EF, 69, E9, 9D, AB, 35, CB, 8D, 0D...
 
[+]

Entropy:
7.8567  (probably packed)

Code size:
368 KB (376,832 bytes)

The file 142.exe has been seen being distributed by the following URL.

http://www.pachin.net/uploads/products/.../142.exe

Scan 142.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.