home

elevador.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from lms2.unitec.edu.
MD5:
0db77e03b3d8f76f0acfc25159f36476

SHA-1:
4cd787e6b01f9301edadff4b3aa31894277be891

SHA-256:
f56e2f98a63155893164b9397d7f9e7a0450a5f09124c76f8639b57733f6786c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/10/2025 11:37:31 PM UTC  (a few moments ago)

File size:
1.9 MB (1,944,862 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\elevador.exe

File PE Metadata
Compilation timestamp:
6/5/2016 2:46:27 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
2.24

CTPH (ssdeep):
24576:VkoqcktXSzmREnOm4Olk122e68JsU3Aot+Ec0xMkcqqI8hSJfF:ZqcktUmREnXlvbOqqI8hSJfF

Entry address:
0x1500

Entry point:
48, 83, EC, 28, 48, 8B, 05, B5, DE, 08, 00, C7, 00, 00, 00, 00, 00, E8, 3A, F4, 00, 00, E8, 95, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 53, 48, 81, EC, 08, 01, 00, 00, 48, 8D, AC, 24, 80, 00, 00, 00, 89, 8D, A0, 00, 00, 00, 48, 89, 95, A8, 00, 00, 00, E8, DD, F3, 00, 00, 48, 8D, 15, A6, 8A, 08, 00, 48, 8B, 0D, CF, D8, 08, 00, E8, AA, F8, 06, 00, 48, 8D, 45, 7C, 48, 89, C2, 48, 8B, 0D, 8C, D8, 08, 00, E8, C7, C0, 04, 00, 48, 8B, 0D, 80, D8, 08, 00...
 
[+]

Code size:
459 KB (470,016 bytes)

The file elevador.exe has been seen being distributed by the following URL.

https://lms2.unitec.edu/mod/.../view.php?id=8345497

Scan elevador.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.