cpu_id.exe

Pro/ENGINEER

PTC

Publisher:
PTC

Product:
Pro/ENGINEER

Description:
Pro/ENGINEER Wildfire from PTC

Version:
28, 0, 2007, 220

MD5:
55339b71f4de550617ba43cadc719d1e

SHA-1:
fef31e174a78e44d22347213825884711caad132

SHA-256:
074f6893bfb2e9872d58793dbc1fd1a6d523716dc51bf0004224355518c62e42

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 9:40:11 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
150602-1

File size:
2.5 MB (2,631,168 bytes)

Product version:
Wildfire 5.0

Copyright:
Copyright © 2008 Parametric Technology Corporation. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\cpu_id.exe

File PE Metadata
Compilation timestamp:
12/17/2009 9:24:17 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
49152:4gUmSm8MXIJdhMVOZffQ5ZHWcFO5dho0Q4zJMzdU01gch28FkPJvE:4Fh1wMJ

Entry address:
0x108527

Entry point:
E8, 1C, 99, 01, 00, E9, A4, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, E3, 7E, 01, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 80, 20, 68, 00, 74, 12, 8B, 0D, 98, 1F, 68, 00, 85, 48, 70, 75, 07, E8, 94, 2A, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, A0, 1E, 68, 00, 74, 16, 8B, 46, 08, 8B, 0D, 98, 1F, 68, 00, 85, 48, 70, 75, 08, E8, 73, 9B, 01, 00, 89, 46, 04, 8B, 46, 08, F6, 40, 70, 02, 75, 14, 83, 48, 70, 02, C6, 46, 0C, 01, EB, 0A...
 
[+]

Entropy:
6.4944

Code size:
1.9 MB (1,990,144 bytes)

The file cpu_id.exe has been discovered within the following program.

WinDirStat 1.1.2  by Bernhard
WinDirStat is a graphical disk usage analyzer for Microsoft Windows, notable for presenting a sub-tree view with disk use percentage alongside a usage-sorted list of file extensions that is interactively integrated with a colorful graphical display (a treemap).
windirstat.info
5% remove it
 
Powered by Should I Remove It?

The file cpu_id.exe has been seen being distributed by the following 2 URLs.

https://duke.htl-leonding.ac.at/ftp_dl.php?file=VTI5bWRIZGhjbVV2VFdGMGFHTmhaRjlEVUZWSlJDOWpjSFZmYVdRdVpYaGw=

Scan cpu_id.exe - Powered by Reason Core Security