home

eventviewer.exe

Vino's Event Viewer

Product:
Vino's Event Viewer

Description:
Windows Event Viewer - Reports from 1 to 20 of the last events or between two dates.

Version:
1.00.0004

MD5:
0c8d133705bb3787f2022fdb6be6f3ae

SHA-1:
374e4ac68c3beb70a7856c849840fdfdf46d3314

SHA-256:
8f747616645e7c224836e949dafda4a3da62f3a2347c41f671377e41c8458e95

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 4:34:14 AM UTC  (today)

File size:
60 KB (61,440 bytes)

Product version:
1.00.0004

Copyright:
Fill Your Boots!

Original file name:
VEWv01c.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\eventviewer.exe

File PE Metadata
Compilation timestamp:
8/10/2009 10:02:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:/ryEpa8zINF/9lN5FXHbrb7/emkC1zRyamYFcz2eG/vzBFxSCmYdoyE:/5NzINJnHFrrLUABFxSZM

Entry address:
0x14A8

Entry point:
68, B0, 1E, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 11, 93, 02, 93, 10, A1, E3, 43, BE, 44, DB, 9B, 4F, 69, 67, 9B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, F3, FC, 00, C8, D7, FC, 00, 00, 00, 00, 00, FF, CC, 31, 00, 1E, 62, 6F, 8E, 0B, B1, 0C, CD, 4A, B8, 0F, 01, 16, 7A, 00, 1E, 9D, 32, F8, 3A, DB, 03, 1D, CA, 49, 99, 94, 82, 4D, 20, BC, C7, C9, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
4.6506

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
48 KB (49,152 bytes)

The file eventviewer.exe has been seen being distributed by the following 3 URLs.

http://images.malwareremoval.com/.../VEW.exe

http://api.viglink.com/api/click?format=go&jsonp=vglnk_jsonp_14085461490986&key=59ca95b761b973f7093283b921e56892&libId=c8b79849-599f-4da9-8f98-286b3ac59724&loc=http://www.bleepingcomputer.com/forums/t/366519/event-viewer/&v=1&out=http://images.malwareremoval.com/.../VEW.exe&ref=https://www.google.co.id/&title=Event viewer - Windows 7&txt=http://images.malwareremoval.com/.../VEW.exe

http://api.viglink.com/api/click?format=go&jsonp=vglnk_jsonp_13995903532246&key=59ca95b761b973f7093283b921e56892&libId=266282d4-7efe-486a-b682-ebdc4b1fa220&loc=http://www.bleepingcomputer.com/forums/t/436730/bsod-bad-pool-header-ntkrnlpaexe/&v=1&out=http://images.malwareremoval.com/.../VEW.exe&ref=https://www.google.ro/&title=BSOD - Bad Pool Header / ntkrnlpa.exe - Windows Vista&txt=http://images.malwareremoval.com/.../VEW.exe

Scan eventviewer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.