home

installer.exe

Sogi

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.thursaaw.com.
Product:
Sogi

Description:
Sogi Setup

Version:
2.3

MD5:
ed83cf4b6947217d78f507a6cbaeeda6

SHA-1:
b485f0131666182aa980cdfd8f9fe67af883e194

SHA-256:
50cacdcfbbec2ec970fdfb43a280ee3d26be58a509cde28bafb7503062015a6c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 5:31:55 PM UTC  (today)

File size:
518.1 KB (530,539 bytes)

Product version:
2.3

Copyright:
Software

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:zQi2qRTn6Zr75WE8CRecvDANRl7q3C8pJth:zQiHhq8oRvDAzl7uh

Entry address:
0xA5F8

Entry point:
C7, C6, F9, 58, 78, A5, 86, CA, 84, D5, B4, 69, F3, 0F, AF, FB, C6, C6, 3B, 88, ED, 81, FD, CC, 4C, 00, 00, 43, FF, C1, 02, F9, 89, E8, 69, EA, 32, AB, 48, 41, F3, 34, D9, F7, C1, D8, 82, 96, 90, 0F, B7, CF, 84, D3, E8, 18, 00, 00, 00, 88, E9, 0F, BE, FA, C7, C1, 03, EB, FD, 61, 1C, 53, 0F, B6, F4, FE, C9, 03, E8, 88, CD, 2C, 56, 59, 89, DB, 80, DB, B8, F3, 69, EB, A6, 4A, 6E, A8, F2, 73, 02, FE, CF, 8D, 15, CF, B2, F2, 44, 87, C3, F2, BD, 8C, F8, 00, 00, 0F, BF, C5, 81, F5, 6C, 07, 00, 00, 0F, B6, D3, FF...
 
[+]

Entropy:
7.9425  (probably packed)

Code size:
39.5 KB (40,448 bytes)

The file installer.exe has been seen being distributed by the following URL.

http://www.thursaaw.com/.../installer.exe

Scan installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.