angielskidemo.exe

Sfx-Factory! PL Samo-dekompresor

Aidem Media

This is a setup program which is used to install the application. The file has been seen being downloaded from s6418.chomikuj.pl and multiple other hosts.
Publisher:
e-merge GmbH  (signed by Aidem Media)

Product:
Sfx-Factory! PL Samo-dekompresor

Version:
2.5.0.0

MD5:
6254d4b799fe9d50dfa7beea8a5f10e7

SHA-1:
f3defabd445ac0672a40041c1e119eab193e6fef

SHA-256:
c3379928bbe905267ed4221069b936a596c6d8874444878c64bdca09b7940f45

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 2:45:36 PM UTC  (today)

File size:
5.4 MB (5,699,288 bytes)

Product version:
2.5.0.0

Copyright:
1997,2000 e-merge GmbH

Trademarks:
1997,2000 e-merge GmbH

Original file name:
win32sfx.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\downloads\angielskidemo.exe

Digital Signature
Signed by:

Authority:
TP Internet Sp. z o.o.

Valid from:
9/2/2005 1:53:34 PM

Valid to:
9/2/2006 12:53:34 PM

Subject:
CN=Aidem Media, O=Aidem Media, C=PL

Issuer:
CN=CC Signet - CA Klasa 2, OU=Centrum Certyfikacji Signet, O=TP Internet Sp. z o.o., C=PL

Serial number:
43183D3E

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:dIuEBbkBRcekSczC9dqIlRE3Fe7Y35c4UOKt5qIfJaF6pIWSIrOqRCWHosD0OtY:dBEBnHEdqIlRE3F+gctOKOIxazer/XDy

Entry address:
0x1CF20

Entry point:
55, 8B, EC, 83, C4, E8, 33, C0, 89, 45, F0, 89, 45, EC, 89, 45, E8, B8, 28, CE, 41, 00, E8, C9, 7D, FE, FF, 33, C0, 55, 68, 02, D1, 41, 00, 64, FF, 30, 64, 89, 20, B8, 18, D1, 41, 00, E8, 01, FE, FF, FF, 8B, 15, 14, F4, 41, 00, 88, 02, 8D, 55, F0, 33, C0, E8, FB, 57, FE, FF, 8B, 55, F0, A1, 98, F4, 41, 00, E8, 52, 94, FE, FF, 6A, 00, 68, 80, 00, 00, 00, 6A, 03, 6A, 00, 6A, 01, 68, 00, 00, 00, 80, A1, 98, F4, 41, 00, 50, E8, 11, 7E, FE, FF, 8B, 15, 0C, F4, 41, 00, 89, 02, A1, 0C, F4, 41, 00, 83, 38, FF, 75...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
112.5 KB (115,200 bytes)

The file angielskidemo.exe has been seen being distributed by the following 2 URLs.

http://s6418.chomikuj.pl/File.aspx?e=MoMsE0xbF9Y4kQsOywQiR8na5htruHFKEdKYJ_JduRdXwXJOKqBG-V4_cFgA1TegNCh7jlrMX5E2hYBBVR8JPus6dQpVnP7-LHmFJmj1AejYZ_p_tBXZ2p4C5p4F2zukeVEujIkZNJClFMuwqLRaXg&pv=2

http://www.e-angielski.com/.../AngielskiDemo.exe

Scan angielskidemo.exe - Powered by Reason Core Security