home

atualizacao_y3win64_32.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.sugarsync.com.
MD5:
0097b6b9898b0f1c225cfb47927f8d50

SHA-1:
cec5985ffb1fc1df0846ecac9a9caa06016a44e8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 9:21:49 AM UTC  (today)

File size:
949.1 KB (971,846 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\user\meus documentos\downloads\atualizacao_y3win64_32.exe

File PE Metadata
Compilation timestamp:
8/8/2016 8:49:40 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:EoOFvc9oM/qPJJl6GMfRd3GZF4IIxiXV23EAGywGrqWmQBiPbceIgc9Z:rOF6IJJEGMf33GMIrXU3bGQmWmQYgT1/

Entry address:
0xB9C24

Entry point:
55, 8B, EC, 83, C4, F0, B8, 08, 84, 4B, 00, E8, 24, D0, F4, FF, A1, C4, CF, 4B, 00, 8B, 00, E8, C4, 50, FB, FF, A1, C4, CF, 4B, 00, 8B, 00, B2, 01, E8, 8E, 6F, FB, FF, A1, C4, CF, 4B, 00, 8B, 00, BA, 90, 9C, 4B, 00, E8, 75, 4B, FB, FF, 8B, 0D, DC, D1, 4B, 00, A1, C4, CF, 4B, 00, 8B, 00, 8B, 15, 18, 78, 4B, 00, E8, A5, 50, FB, FF, A1, C4, CF, 4B, 00, 8B, 00, E8, D1, 51, FB, FF, E8, AC, AB, F4, FF, FF, FF, FF, FF, 0A, 00, 00, 00, 4D, 61, 63, 72, 6F, 6D, 65, 64, 69, 61, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
738 KB (755,712 bytes)

The file atualizacao_y3win64_32.exe has been seen being distributed by the following URL.

https://www.sugarsync.com/.../D3298607_07195842_85376?directDownload=true

Scan atualizacao_y3win64_32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.