installpolyboard.exe

Install

Boole & Partners

This is a setup and installation application. The file has been seen being downloaded from www.byteuniversedelivery.com and multiple other hosts.
Publisher:
Boole & Partners

Product:
Install

Description:
Installeur PolyBoard 5.14g

Version:
2.1.1.3

MD5:
0f8a065183135a78b3956df21feffd06

SHA-1:
d131ab331ae4814ab25604d73e981e392f8f917e

SHA-256:
10f90287410e5bd2f2e77a4b0b9f5099a4fb782d10172ba57086626db554baf8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/17/2024 1:03:11 AM UTC  (today)

File size:
12 MB (12,551,168 bytes)

Product version:
2.01a

Copyright:
Copyright © Boole & Partners 2004-2015

Original file name:
InstallPolyBoard5.14g.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\programs\polyboard\installpolyboard.exe

File PE Metadata
Compilation timestamp:
8/25/2015 5:15:09 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:2xhqVQ5XIbUN8Id6GEPi1b4QXLRoVbLXMbJ+vu4e0FNtVVVBjbIQqj9YZUSP:cEA44mIX1bNLRylFvjMjQF

Entry address:
0x161823

Entry point:
E8, D7, 7F, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 51, C7, 01, F8, 82, 5C, 00, E8, 5A, 80, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, DF, 19, F4, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, 9D, 80, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, E4, 18, 00, 00, 6A, 16, 5E, 89, 30, 57, 57...
 
[+]

Entropy:
7.7710  (probably packed)

Code size:
1.6 MB (1,728,000 bytes)

The file installpolyboard.exe has been seen being distributed by the following 8 URLs.

http://www.byteuniversedelivery.com/0VpmzLfTs4sVWQrvBiQkyg7ej2Eua85 4qWNBKcR5e KNCWDbHiXDEPZWAAgYcCDKZwqTU3QWj8o_NrvjdyygebgRYUAVTxJCfhEeS9b6Q1DVKNpgAvFivjr5SBlH6_d1jru_vzlUx5BVRnvPq73WWl DdhEADFzAiIgnOt5SOXwrtaW8fcxJ1Dgmwuddt48JXYFs4PnQT9HVRbedquaMZkp0VTxqtIF2HPdgwqePLkAHs6bcgZlfbBJoGTxWJdkshSXeP_slIxpvD9yuvgWiwGanQzCBEo8ajoqCcbmmuhQ1ibCx Hlnku3vJsnGQkE7T5t831 BANgv4cQXDJOP9SbZRuD59ChnKGmkq9QMkfDgYk6Q1aES16c2LB_ze2dpKaQ84zGXMo06UmDjaRgYs3tiJ1kZlf1I9vI9tWQV1gPZMnF6jbxqBpMNueq2KdGrrFMQChHOUo1TsRDqV7iV4MCGg4DFbhAO5yACS8lxXLrGg_C4TIYMs yhcV6yaCOq5wT_m2C-GzUAAERPFts3G6UL7RNMsQkK4JADh aBBiQ1Re2gbwxRYFOe2PT5tOPHxpFC3kJ

http://www.boole.eu/installpolyboard5.exe

http://www.farmflashtour.com/WVl6OTRQU1V5UmpsekpUSkdkR2d6Y1hVeVlYRllla3h0TW1kdFRUUjVjM3BrUm1vNU5IWk1ORGs0TW14NFpIWnhNa3R2SlRORUptTTlkMkp3UVVocmNFUk9iVTFhTVRWRVNIUXhaa1o1U0hadVQxZFlaWEZ5WkhaV1ZuaGxlV05JWmtoUWFuTklZekpUY214cFRXazVkSGx1Y1VSR2IxVm9kbFF3UldsWGVXaExVVU00TVVaQlZubGpVMGRYWTFST1pEZHNTVkZyT1RkNlIwbFViR1F6U0ZrbE1rSTNaelJ6VVRaaFYwY3pNelJKVjJSalFsSnRZVTB5YUZWMU1rMXJaakkzYkdSb09HTlhjM293YTNOM1puY2xNMFFsTTBRbVpUMHdKbVJ2ZDI1c2IyRmtRWE05Y0c5c2VXSnZZWEprTFhCeWIyZHlZVzFoY3kxbmNtRjBhWE10Ym1WMExtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbVpwYkdWekxtUnZkMjVzYjJGa2NISnZaM0poYldGekxtTnZiU1V5UmxCdmJIbGliMkZ5WkY4MVh6RTBaeTVsZUdVPQ==

Scan installpolyboard.exe - Powered by Reason Core Security