home

installer_pouforpc.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from get.toowapp.com and multiple other hosts.
MD5:
4abfb738f52859d501c3dcbd18d3a3c3

SHA-1:
f4e807cf1f857dedc9eb1ef2f4def82977486265

SHA-256:
745a9c82fa9ad97ea1547009861b16a4e37042059914e7f9f0b4b56a3c211919

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:29:19 PM UTC  (today)

File size:
11.9 MB (12,515,096 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\installer_pouforpc.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
196608:GiX+JVNP7MZ/vNMqgQ31pKksEp3ywGys6C+qJoxM/gfaMNgvXIN:sJPOMqgQ36ks+jsUlaKggN

Entry point:
50, 4B, 03, 04, 14, 00, 08, 00, 08, 00, BD, 0D, 2E, 42, F3, 2D, 20, 86, 2F, 5B, 00, 00, F4, EB, 00, 00, 1A, 00, 04, 00, 61, 73, 73, 65, 74, 73, 2F, 66, 6F, 6E, 74, 73, 2F, 43, 6F, 6F, 6B, 69, 65, 73, 50, 53, 2E, 74, 74, 66, FE, CA, 00, 00, EC, BD, 77, 60, 1B, C7, 99, 28, 3E, 33, 8B, 6D, 00, 16, 8B, 2D, D8, 45, EF, 8D, 00, 0B, 00, 82, 04, 3B, 29, 16, 91, 22, D5, 49, 51, C5, 2A, 94, 2C, 4B, B2, 2D, 59, B6, E3, 16, C7, E7, 1E, C7, 97, F8, 6C, 27, 71, BA, E3, 34, 5F, 9A, 63, BF, 24, 4E, 1C, 3B, 89, 13, 27, 97...
 
[+]

Entropy:
7.9497  (probably packed)

The file installer_pouforpc.exe has been seen being distributed by the following 3 URLs.

http://get.toowapp.com/1/69/17/.../pouforpc-1.1.apk

http://get.toowapp.com/1/69/28/.../pouforpc-1.1.apk

http://get.toowapp.com/1/69/28/.../pouforpc-1.1.apk

Scan installer_pouforpc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.