handysetup_v3.exe

This is a setup program used to install the application. The file has been seen being downloaded from cdn4.handycafe.com.

MD5:
58512657235d2c5254142a62c97294ca

SHA-1:
4bdb476a0508534cc8617b756fa7f9075204a129

SHA-256:
5f7e846e32a62ea9a0bd99bd23cb6c9d4de34903b1af50e8155dbac1bd566331

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 7:37:04 PM UTC  (today)

File size:
6.1 MB (6,448,547 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\handysetup_v3.exe

File PE Metadata
Compilation timestamp:
1/24/2013 9:25:58 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:9aWxnR/L/nChDK54NzNLHiBbFBs6nuE5aJImSTBRvIQJyEQ1lIDrbrL9VjBA:oed/nwK54vwduOttNRaEYIjnndA

Entry address:
0x1837F8

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, B8, E0, 95, 57, 00, E8, 1A, 72, E8, FF, 8B, 1D, 34, E9, 58, 00, 6A, 00, 68, B8, 38, 58, 00, E8, 48, AE, E8, FF, 85, C0, 0F, 97, C0, 84, C0, 74, 15, 6A, 30, 68, D8, 38, 58, 00, 68, E4, 38, 58, 00, 6A, 00, E8, AC, B0, E8, FF, EB, 74, 8B, 03, E8, 0F, 1C, FA, FF, 6A, 00, 8B, 03, 8B, 80, 78, 01, 00, 00, 50, E8, 43, B2, E8, FF, 8B, 03, 8B, 80, 78, 01, 00, 00, BA, EC, FF, FF, FF, 52, 50, E8, D7, B4, E8, FF, 8B, 13, 8B, 92, 78, 01, 00, 00, BE, EC, FF, FF, FF, 25, FF, FF, FB, FF, 0D...
 
Entropy:
7.7529

Developed / compiled with:
Microsoft Visual C++

Code size:
1.5 MB (1,583,616 bytes)

The file handysetup_v3.exe has been seen being distributed by the following URL.
