подвал_32.exe

eDrawings 2009

Dassault Systèmes SolidWorks Corp.

This is a setup program which is used to install the application. The file has been seen being downloaded from docviewer.yandex.ua.
Publisher:
Dassault Systèmes SolidWorks Corp.

Product:
eDrawings 2009

Description:
EModelSelfExtracter Module

Version:
13.5.0.111

MD5:
dbbdb3c7f20489f49de96b94a02500c8

SHA-1:
33978603a67ec3e73e4bf5467a1e02d180aeae8e

SHA-256:
e07b13677a6cdf28c17d8b3a7dc8e5921c627e73d3e64dc35fca415ae8f59691

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 9:37:11 AM UTC  (today)

File size:
7.1 MB (7,473,893 bytes)

Product version:
13.5.0.111

Copyright:
Copyright © 2008 Dassault Systèmes SolidWorks Corp.

Original file name:
EModelSelfExtracter.DLL

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\подвал_32.exe

File PE Metadata
Compilation timestamp:
9/27/2013 10:25:25 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:/A4zgKsqglBJbDkSZ1RtGUw0DI6YEL9bsV6fFh:Aznbkk4A9bnf

Entry address:
0x6771

Entry point:
E8, EF, 1E, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 6B, 1F, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, F5, 02, 00, 00, 85, C0, 74, 0A, E8, EC, 02, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, B8, 2E, 41, 00, 89, 0D, B4, 2E, 41, 00, 89, 15, B0, 2E, 41, 00, 89, 1D, AC, 2E, 41, 00, 89, 35, A8, 2E, 41, 00, 89, 3D, A4, 2E, 41, 00, 66, 8C, 15, D0, 2E, 41, 00, 66...
 

Code size:
45.5 KB (46,592 bytes)

The file подвал_32.exe has been seen being distributed by the following URL.
