» get system info.exe
Overview
Analysis
File Details
Downloads (1)

get system info.exe

Kaspersky Lab

File name:

get system info.exe

Publisher:

Kaspersky Lab (signed and verified)

MD5:

6be03319dce279e307c4f181c414b0a7

SHA-1:

8a9657ef401cb04527e1775b993aa165c37873d4

SHA-256:

90f26148a1b4d76ed753410adec66110607c7f020a2eedb7329fa39647d115c8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/27/2024 8:43:59 AM UTC (today)

File size:

19.2 MB (20,087,904 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Kaspersky Lab

Authority:

DigiCert Inc

Valid from:

2/22/2013 3:00:00 AM

Valid to:

4/28/2015 3:00:00 PM

Subject:

CN=Kaspersky Lab, O=Kaspersky Lab, L=Moscow, C=RU

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0226E6BDA76DAE711E3DB2321E3B5308

File PE Metadata

Compilation timestamp:

1/12/2015 5:39:30 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

196608:iVVBw55aodovjdhJN4Zx/tqxZtrdvr8Xf+kYKxQgI/cnfnmzZb2Z6s3qBQmEZOBZ:jqbdSXWklxQgiUmzZb20oFrMRoawg

Entry address:

0x15D7F

Entry point:

E9, 82, A9, 00, 00, E9, EA, F6, 00, 00, E9, 12, AC, 01, 00, E9, FF, 3F, 01, 00, E9, 1E, 8B, 02, 00, E9, 57, 87, 00, 00, E9, 6E, 79, 00, 00, E9, E9, 65, 00, 00, E9, 75, D1, 00, 00, E9, A4, AB, 01, 00, E9, 84, 3B, 01, 00, E9, 13, 8B, 02, 00, E9, 0B, 50, 02, 00, E9, BD, 86, 00, 00, E9, 48, 87, 00, 00, E9, D5, 8A, 02, 00, E9, B9, 41, 01, 00, E9, 2B, 41, 01, 00, E9, 8A, 8A, 02, 00, E9, 1D, 08, 01, 00, E9, AE, 9C, 01, 00, E9, 4A, F3, 00, 00, E9, DE, 37, 00, 00, E9, F3, 89, 02, 00, E9, 18, 9F, 00, 00, E9, BF, 5F... 
[+]

Entropy:

7.1971

Developed / compiled with:

Microsoft Visual C++ 8.0 (Debug)

Code size:

177.5 KB (181,760 bytes)

The file get system info.exe has been seen being distributed by the following URL.

ftp://gsi6:QYQZJu93RqIXR@data8.kaspersky-labs.com/Get System Info.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.