CPUGrab.exe

DirectShow

Microsoft Corporation

Publisher:
Microsoft Corporation

Product:
DirectShow

Description:
DirectShow SDK CPU Grabber

Version:
5.01.60.0408

MD5:
0907d37c5104ceb1771157ced49de363

SHA-1:
41e807e89eddbc13c54ae22f3f122d580f3d0b4a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 5:29:24 AM UTC

File size:
11.8 KB (12,048 bytes)

Product version:
5.01.60.0408

Copyright:
Copyright (C) 1992-1998 Microsoft Corp.

Original file name:
CPUGrab.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Application data\{5071c9d5-7976-477f-97ae-8c494cb2e362}\offline\41a19019\77b5539e\cpugrab.exe

File PE Metadata

Compilation timestamp:
4/8/1998 5:37:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
192:jARclOCS0QHZaUNy3P7RPRSw1vgQQEWAF:jAZ5NydP9IoWAF

Entry address:
0x1690

Entry point:
55, 8B, EC, 6A, FF, 68, 88, 11, 00, 01, 68, 70, 19, 00, 01, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, C4, 98, 53, 56, 57, 89, 65, E8, C7, 45, FC, 00, 00, 00, 00, 6A, 02, FF, 15, 3C, 10, 00, 01, 83, C4, 04, C7, 05, 58, 21, 00, 01, FF, FF, FF, FF, C7, 05, 5C, 21, 00, 01, FF, FF, FF, FF, FF, 15, 38, 10, 00, 01, 8B, 0D, 54, 21, 00, 01, 89, 08, FF, 15, 48, 10, 00, 01, 8B, 15, 50, 21, 00, 01, 89, 10, A1, 4C, 10, 00, 01, 8B, 08, 89, 0D, 60, 21, 00, 01, E8, 56, 02, 00, 00, A1, 20, 20, 00, 01, 85...
Entropy:
3.3775

Developed / compiled with:
Microsoft Visual C++

Code size:
4 KB (4,096 bytes)

The file CPUGrab.exe has been seen being distributed by the following 4 URLs.

http://www.servisksm.republika.pl/spowalniacz.exe

http://download1005.mediafire.com/bnj02ljbq8bg/.../cpugrab.exe
