» epm.exe
Overview
Analysis
File Details
Downloads (1)

epm.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from remote2.hulkload.com.

File name:

epm.exe

MD5:

d8db0675302c252dc6226f3d610ab7ac

SHA-1:

3b3272311140a006aad1aca7279637e4574760f3

SHA-256:

3e6e5c4ba2fe9817caecfde3911b0dd2d69b5d3aaf575a76f6832482e04e26a9

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/30/2024 10:13:27 AM UTC (today)

File size:

19.7 MB (20,630,403 bytes)

File type:

Executable application (Win16 EXE)

Common path:

C:\users\{user}\downloads\epm.exe

File PE Metadata

OS version:

0.1536

OS bitness:

Win16

Linker version:

25.0

CTPH (ssdeep):

393216:BOmVy2VYZ1SfS2LUyUsK25Y9qBcFqEdvEiCZhJjcDsrbKxqqI21qDay3te:BZVy2VYZ1SfS2L7WNqkyiQ/jcDibK4q5

Entry address:

0x9C

Entropy:

7.9943 (probably packed)

Code size:

148 Bytes (148 bytes)

The file epm.exe has been seen being distributed by the following URL.

http://remote2.hulkload.com/files/7/.../epm.exe

Scan epm.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.