fms.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s10558.chomikuj.pl.
MD5:
795fe19c86d1970c4baf25b56cf7829f

SHA-1:
8a5092d079ff386e546e178150d4452833ddfed1

SHA-256:
378dc07c253ac6a051488dea4c99d1d58193f86d9298dabc4c543c822d6dd53f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 12:27:56 AM UTC  (today)

File size:
3.6 MB (3,767,503 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\fms + 600 models\landscapes 2.0 beta 7\fms.exe

File PE Metadata
OS version:
294.16752

OS bitness:
Win16

Subsystem:
Native (none required)

Linker version:
3.0

CTPH (ssdeep):
49152:Hgg1dF4WusY+MiANe9EI0G0EKGAZ7MjxCwKfYPATPaPokVqcS3lBVBh1oxENew3g:L1dYuMZe9chE9if3LfkVqcS1BRmxENrg

Entry address:
0xA4009C

Entry point:
4D, 5A, 31, 01, 01, 00, 01, 00, 05, 00, 00, 00, FF, FF, 00, 00, 14, 00, 00, 00, 00, 00, 0D, 00, 40, 00, 00, 00, 01, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 40, 01, 00, 00, 04, 00, 0D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 44, 69, 65, 73, 20, 69, 73, 74, 20, 65, 69, 6E, 65, 20, 57, 69...
 
[+]

Entropy:
7.9960  (probably packed)

Code size:
256 KB (262,147 bytes)

The file fms.exe has been seen being distributed by the following URL.

Scan fms.exe - Powered by Reason Core Security