docxviewersetup1.2.exe

DocX Viewer

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from a.tinhaythe.com and multiple other hosts.
Product:
DocX Viewer

Description:
DocX Viewer Setup

MD5:
2d38b746a077a0f001760f46d41bb58c

SHA-1:
4e82532dbf4787f40e93aed6aae1a211a0e5a063

SHA-256:
60445cf10509ece9127eb58a73394ac9d6eec75928c2e98e3415eab07fb9c863

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 1:46:54 PM UTC  (today)

File size:
577.3 KB (591,144 bytes)

Product version:
1.2

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\docxviewersetup1.2.exe

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:f20tY4bJQ5iv0um1OcvCayvXGf75RbaEDf1qSVfx6ENuUFtFG:f20u4bZsumkbagXC75ld1qSVpcqG

Entry address:
0x9B60

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 66, 95, FF, FF, E8, 6D, A7, FF, FF, E8, 98, C9, FF, FF, E8, DF, C9, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 17, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, E0, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C8, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 17, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9535

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file docxviewersetup1.2.exe has been seen being distributed by the following 13 URLs.

http://a.tinhaythe.com/v2106xm/2014/.../docx-viewer-1-2.exe

http://low.software.dn.naver.com/f4b6ad4977ab8009690176bd4ebbf8c8/.../DocXViewerSetup1.2.exe

&onid=18483&oid=3001-18483_4-75179715&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=biz-soft/office-suites&topicbrcrm=&pid=13573382&mfgid=6309397&merid=6309397&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=1aa00fbe97b95483f29bbcf4&viewguid=gkOTmFW0KnGQDURGI3SOaHWkINZk3jDV8MvL&destUrl=http://files.downloadnow.com/s/software/13/57/33/.../DocXViewerSetup1.2.exe

&onid=18483&oid=3001-18483_4-75179715&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=biz-soft/office-suites&topicbrcrm=&pid=13573382&mfgid=6309397&merid=6309397&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=285e7957bce7639d6d7f8a63&viewguid=gUpgfmp86UvTr3kGr4Gks4v9yBKbV2tqB7Vv&destUrl=http://files.downloadnow.com/s/software/13/57/33/.../DocXViewerSetup1.2.exe

http://www.ranchsendgift.com/OeXbBonSagm5IomAMlHeikwH8YxKJRbX5N3MCP36MB9UK__KTPOwGh2x2Wvfwnpxy4hZ5K8 jBuIbkuMS K6iS81gBB_1CyAGz99H_SVqaIVtQKs6EutFZypWl_Gq8mFSkZg2q8sKQh51O9Lf1itcC5f927zY9DiAjUM0KKNaiPlYhOMKJaSDR_OWeXiWEpfDyQrbV4d_5Olrj8dkHH7VJ5nP_ZS1w==-CxqAaHR0cDovL2VwaW5nc29mdC5jb20vZG9jeC9kb3duL0RvY1hWaWV3ZXJTZXR1cDEuMi5leGUD

&onid=18483&oid=3001-18483_4-75179715&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=biz-soft/office-suites&topicbrcrm=&pid=13573382&mfgid=6309397&merid=6309397&ctype=dm&cval=NONE&devicetype=desktop&pguid=eda035cef6b4cca9ecad1c24&viewguid=c0t@OV7XHvpjrT9lrzDjusmYoIEqvthShKqq&destUrl=http://files.downloadnow.com/s/software/13/57/33/.../DocXViewerSetup1.2.exe

&onid=18483&oid=3001-18483_4-75179715&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=biz-soft/office-suites&topicbrcrm=&pid=13573382&mfgid=6309397&merid=6309397&ctype=dm&cval=NONE&devicetype=desktop&pguid=065337e64c3982ba2636fe52&viewguid=bTEUwvH7iBBOB9hebpbRUeetrBVYu2pTCatU&destUrl=http://files.downloadnow.com/s/software/13/57/33/.../DocXViewerSetup1.2.exe

Scan docxviewersetup1.2.exe - Powered by Reason Core Security