al-manzoom direcrun.exe

Al-Manzoom ver 2.1

Hadiyah Ashara 1430

This is a setup program used to install the application. The file has been observed being downloaded from almanzoom.ekhwan.info.
Publisher:
Hadiyah Ashara 1430

Product:
Al-Manzoom ver 2.1

Description:
Al-Manzoom

Version:
2.1.0.0

MD5:
d6f494bb2e1130f790f74ab5fc78485e

SHA-1:
1459381214bf75b3d6b58a2c47370535f1d47de9

SHA-256:
01fba22ea77078d7157229ba6ddee380bb907cebd2e191a507be6bfe282440c3

Scanner detections:
2 / 68

Status:
Clean (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
11/17/2024 1:36:29 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Bkav FE | HW32.Packed | 1.3.0.6379 |
| Trend Micro House Call | Suspicious_GEN.F47V0214 | 7.2.197 |

File size:
4.4 MB (4,648,672 bytes)

Product version:
3.6.5.0

Copyright:
Copyright by Hadiyah Ashara 1430, 1/13/2013

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
2/24/2010 6:37:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:xFQsutRa+7yj+FcLcT/uLbomLml2PA6kC1JE5e1eUQqc:xFoba+7C/LrgmKl7865Lqc

Entry address:
0xB0DC

Entry point:
55, 8B, EC, B9, 10, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, F8, A2, 40, 00, E8, CF, 98, FF, FF, 33, C0, 55, 68, 53, BA, 40, 00, 64, FF, 30, 64, 89, 20, 33, C0, A3, 28, 00, 41, 00, 33, C0, A3, 58, 00, 41, 00, E8, 2E, F1, FF, FF, 0A, 05, 64, BA, 40, 00, E8, 33, F1, FF, FF, 33, C0, A3, 50, 00, 41, 00, 33, C0, A3, 54, 00, 41, 00, E8, 04, EE, FF, FF, B8, 48, 00, 41, 00, E8, 7A, 89, FF, FF, E8, A1, A5, FF, FF, 8B, F0, 6A, 0A, B9, 68, BA, 40, 00, 8B, 15, E0, F7, 40, 00, 8B, C6, E8, 53, B7, FF...
 

Entropy:
7.9892

Developed / compiled with:
Microsoft Visual C++

Code size:
40 KB (40,960 bytes)

The file al-manzoom direcrun.exe has been seen being distributed by the following URL.

Scan al-manzoom direcrun.exe - Powered by Reason Core Security