3900_ptb_win2k_xp.exe

HP Deskjet 3900 Series

Hewlett-Packard Company

This is a setup program which is used to install the application. The file has been seen being downloaded from www.updatebundletown.com and multiple other hosts.
Publisher:
Hewlett-Packard Company

Product:
HP Deskjet 3900 Series

Version:
1.0.0.0

MD5:
b3b98a2cea22bb052e7e8ac20d2f92f7

SHA-1:
f2581bfc93206ec5031e3bd90ba946a5b5b914d0

SHA-256:
c771e641479ea319a597980793dfece4f0d15a64811ee0dc4e4457a3309aac1d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:09:29 AM UTC  (today)

File size:
44.9 MB (47,085,212 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\downloads\3900_ptb_win2k_xp.exe

File PE Metadata
Compilation timestamp:
5/17/2005 1:11:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:/jNsFycc5pK0QIFJxUxCkjT3yhhWTa02OTZBzX2aK5x1vcY1naQ3sldH0WgMOGOF:rNsd8p3FJxCLChhcT7iv1UY1mDpE

Entry address:
0x3D0B0

Entry point:
60, BE, 00, 40, 42, 00, 8D, BE, 00, D0, FD, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
104 KB (106,496 bytes)

The file 3900_ptb_win2k_xp.exe has been seen being distributed by the following 8 URLs.

http://www.updatebundletown.com/c?x=YGz0npVrsK2Zmn/lI7KZw1CcwGmzVGV grAosaXUKnM=&c=kEPigsUe8/8dGkJSsMxNAhuc7TnZTx/yc3t8X4RTHRll7ui54u/Gjbts1o86FLJyk93SaCE/MI0X9wptk 3wI yR0k83oHezDSiVzaGlXJCSSxuvd A/XfOIm58YuLzolTvgqamDtb8tJa k2bXMO1IUwgtl5qb2wSGbztadv1w=&downloadAs=HP-DeskJet-3920-Driver.exe&fallback_url=http://ftp.hp.com/pub/softlib/software5/COL11207/.../3900_ptb_win2k_xp.exe

http://ftp.hp.com/pub/softlib/software5/COL11207/.../3900_ptb_win2k_xp.exe

http://whp-aus2.cold.extweb.hp.com/pub/softlib/software5/COL11207/.../3900_ptb_win2k_xp.exe

ftp://15.201.49.137/pub/softlib/software5/COL11207/.../3900_ptb_win2k_xp.exe

Scan 3900_ptb_win2k_xp.exe - Powered by Reason Core Security