home

Akhar2016.exe

AKHAR

ACTDPL

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-0g-ak-docs.googleusercontent.com.
Publisher:
ACTDPL

Product:
AKHAR

Version:
1.0.0.0

MD5:
dec18363a7b10e393b4e4badf88aaac1

SHA-1:
0c0ff26f1fedb21c7f75c7d061a9453df34c64a5

SHA-256:
c316d69a7dddc3db1f6da74f0795ac611bdd9b671419a8bf8edba2d103fed83c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 7:10:15 AM UTC  (today)

File size:
7.9 MB (8,265,216 bytes)

Product version:
22.0

Copyright:
Copyright © Advanced Center for Technical Development of Punjabi Language & Literature

Trademarks:
Akhar2016

Original file name:
Akhar2016.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\akhar2016.exe

File PE Metadata
Compilation timestamp:
6/10/2016 4:42:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
196608:fSKCLDzsEd4XX/JHqosbhjosDwsMTf5C45QHkPSixN:fNCPzHdMX/UZNjosD9gFQmLx

Entry address:
0x7E800A

Entry point:
FF, 25, 00, 80, BE, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9578  (probably packed)

Code size:
57.5 KB (58,880 bytes)

The file Akhar2016.exe has been seen being distributed by the following URL.

https://doc-0g-ak-docs.googleusercontent.com/docs/securesc/qv5il7kt4tfbbjin9bg1hokmktpffqob/tqoeqco266sp9i0icbck1rp1ujv5c5l5/1465574400000/00648345690745651158/.../0B499N_d_ItY0ZGc3bTJtWmpaRnM?e=download&nonce=t2erqppf7tjus&user=06939407050290117628&hash=6fjd83k14mad15uukf82urqfr5voacl7

Scan Akhar2016.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.