home

getimage.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from libs0800.acadlib.iup.edu.
MD5:
d87f98e441f707383d2503ea4c3b85f6

SHA-1:
41773bea5b2ac3fcf29d561a5c772e685b488915

SHA-256:
18afe24dac970a096d4348aad39b6f57b2133249a9200f1dc49d28ab9c00957c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:25:10 AM UTC  (today)

File size:
39.7 KB (40,662 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
768:dt1zTTiutHAKo62jJtu6RhQ2ZC9PeChbRemUxRQYUc81fIAtTOeZhCyN:dbSe+62jJtZRh3Z62TmYN8Kc6iRN

Entry point:
FF, D8, FF, E0, 00, 10, 4A, 46, 49, 46, 00, 01, 01, 01, 00, C8, 00, C8, 00, 00, FF, DB, 00, 43, 00, 0A, 07, 07, 08, 07, 06, 0A, 08, 08, 08, 0B, 0A, 0A, 0B, 0E, 18, 10, 0E, 0D, 0D, 0E, 1D, 15, 16, 11, 18, 23, 1F, 25, 24, 22, 1F, 22, 21, 26, 2B, 37, 2F, 26, 29, 34, 29, 21, 22, 30, 41, 31, 34, 39, 3B, 3E, 3E, 3E, 25, 2E, 44, 49, 43, 3C, 48, 37, 3D, 3E, 3B, FF, DB, 00, 43, 01, 0A, 0B, 0B, 0E, 0D, 0E, 1C, 10, 10, 1C, 3B, 28, 22, 28, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B, 3B...
 
[+]

Entropy:
7.9461  (probably packed)

The file getimage.exe has been seen being distributed by the following URL.

http://libs0800.acadlib.iup.edu:2006/.../getimage.exe

Scan getimage.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.