» baixaki_accent-office-password-recovery.exe
Overview
Analysis
File Details
Downloads (3)

baixaki_accent-office-password-recovery.exe

Passcovery Co. Ltd - ООО

This is a setup program which is used to install the application. The file has been seen being downloaded from passwordrecoverytools.com and multiple other hosts.

File name:

Publisher:

Passcovery Co. Ltd - ООО (signed and verified)

MD5:

d73802a25ceb053e95ee7b6649bdfd31

SHA-1:

a845a79c62afee53a5457eb7d923a0e88e297c53

SHA-256:

a20354208feee2205cb86096b499a78a7eda0ec32eceaa3089219c83565faa84

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/6/2024 4:51:25 AM UTC (today)

File size:

9.9 MB (10,358,784 bytes)

File type:

Executable application (Win16 EXE)

Common path:

C:\users\{user}\downloads\baixaki_accent-office-password-recovery.exe

Digital Signature

Signed by:

Passcovery Co. Ltd - ООО

Authority:

StartCom Ltd.

Valid from:

4/4/2016 6:45:19 PM

Valid to:

4/4/2019 6:45:19 PM

Subject:

CN="Passcovery Co. Ltd - ООО ""ПАСКОВЕРИ""", O="Passcovery Co. Ltd - ООО ""ПАСКОВЕРИ""", L=Saint-Petersburg, S=Saint Petersburg City, C=RU

Issuer:

CN=StartCom Class 3 Object CA, OU=StartCom Certification Authority, O=StartCom Ltd., C=IL

Serial number:

123C738C7F49A092E5F715017AE08DE1

File PE Metadata

OS version:

0.65534

OS bitness:

Win16

Linker version:

254.255

CTPH (ssdeep):

196608:GSHJSd9hVv7EPZYcUAls3q2mzE2eq5h7n28cauw/XrQdmQesq1WnDlHoGlRhTw:G8U9hVvgKcU3QE2eq5lm+rQdbe9YnJfp

Entry address:

0x30000

Entry point:

D0, CF, 11, E0, A1, B1, 1A, E1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3E, 00, 04, 00, FE, FF, 0C, 00, 06, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 03, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 10, 00, 00, 02, 00, 00, 00, 01, 00, 00, 00, FE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 08, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF... 
[+]

Code size:

384 KB (393,228 bytes)

The file baixaki_accent-office-password-recovery.exe has been seen being distributed by the following 3 URLs.

http://passwordrecoverytools.com/.../AccentOPR_940.msi

https://passwordrecoverytools.com/.../aofpr_setup.exe

http://software.thaiware.com/download_url.php?id=6526

Scan baixaki_accent-office-password-recovery.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.