home

lbp3300_r112_v303_win_x32_en_7.exe

The program is a setup application that uses the WinZip SFX installer. The file has been seen being downloaded from www.downloadpresentcity.com and multiple other hosts.
MD5:
55f92d7d9a9a57ff19bef86f3f2afbfd

SHA-1:
4e75911790fd5a7bf6550521675e623927c4648e

SHA-256:
c34d52506045b6c63d882737a236cb9f5af78a8b9d1e64450ffebb04781a6de4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/28/2024 5:17:18 PM UTC  (today)

Scan engine
Detection
Engine version

K7 AntiVirus
P2PWorm
13.202.15655

File size:
13 MB (13,681,152 bytes)

File type:
Executable application (Win32 EXE)

Installer:
WinZip SFX

Common path:
C:\users\{user}\downloads\lbp3300_r112_v303_win_x32_en_7.exe

File PE Metadata
Compilation timestamp:
1/9/2001 7:53:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.10

CTPH (ssdeep):
393216:SlMVBlA6FHiX9rZl7uBdw15p2O+LqcF3b1KT0mBL7EoTd7:Sapbe91l7AwzQBqZNEo

Entry address:
0x39D8

Entry point:
53, FF, 15, 50, 60, 40, 00, B3, 22, 38, 18, 74, 03, 80, C3, FE, 8A, 48, 01, 40, 33, D2, 3A, CA, 74, 0A, 3A, CB, 74, 06, 8A, 48, 01, 40, EB, F2, 38, 10, 74, 01, 40, 52, 50, 52, 52, FF, 15, 54, 60, 40, 00, 50, E8, 07, F8, FF, FF, 50, FF, 15, 58, 60, 40, 00, 5B, C3, 8B, 44, 24, 04, 8B, 40, 3C, 05, F8, 00, 00, 00, C3, 55, 8B, EC, 51, A1, 28, 84, 40, 00, 83, 0D, A0, 82, 40, 00, FF, 56, 33, F6, 39, 35, F8, 7D, 40, 00, 89, 35, D4, 83, 40, 00, 89, 35, 24, 84, 40, 00, A3, C4, 86, 40, 00, 75, 05, E8, 67, D8, FF, FF...
 
[+]

Entropy:
7.9990

Packer / compiler:
WinZip, 0x32-bit SFX v8.x module

Code size:
18.5 KB (18,944 bytes)

The file lbp3300_r112_v303_win_x32_en_7.exe has been seen being distributed by the following 7 URLs.

http://www.downloadpresentcity.com/AAkBzQX_MkDHqhi s Oyt3RKi7 t15HwM4V27kH52TFDcpM0zIqhc7_7lsli8I0SxLH6tOP3BEt6vyOodmrldlgp1YwAZ1U joG2HJVOVPyKRC9FmbmXS4_ia3BYVWwecW0nEeV SpRaVdiPor0ZIVSb4g9wcP2wufbNBLvleei53_Fmnd21kNcVsmqjOYr3FmDF21uDPTCNrrg3e9 _GjzvbSZL0w==-Gx0DAGTIbTQOfNDK2IJkLFHHYcFBw0QO2NtiiPkk9t448GSNkZ9FYM7V m3e7Vau7wXvtSZUmmKCUAmpK6j2kg9gpQvMTH6fbS _KZJko9_6OylswTMXux6UlfoorprQzNvgrdsZ3YKtT7PbAWjUEvzAWW0fOUCVW 7T845XcRjy2A_IHbrGVMvBHtHr_NDQ4hB3MvKmwO8x_GKIykq M4L_vkrNTgRd_roUS6bDwwBELLrLRxKHRKZCu1Ek_vz12w_2AbiL4A3BLaicZ92Yqg2kvUcxS3GcmCQmfInPUWbEvFKBp1gw13yXH_UttOvsDhqt6Rve8xXSUiis_NCIqGKqw6F1ZeTw0Sn6it2nFsVza1gzn08 KW8pIU7bbAJtFpUcz6EHUj1 SRn721lG1wXkDGN8xMnB7Ot8JIeukKRCz0BCrtBfP6J1pZnTP5qkHcEmbbKFm2aT8J0rsPDSXX_2pLtB17eOZst5EU008rJgP wRJdOU0no6kWhjYg_4gAyVdxfQd8gSqUror ptv64rHMYqpEmsNWNK1WwFA5DvMlzDkFmf09aR6EF_8FFK6qTd8tGJZMTol8Lh4cegzBF8x1CTIhS_czT jPhIQB3MefWb1941xsVUS6ANo0YrJ3whgcBBfQv4dmpVc2NN5yPn_dfrlrv5Mr5TYgnZKZvhBzJe0Jyag4l1wA9uDj7iJAoNy2NPQfakk_j7IGqeN4N6UR_6mg10VVrQ

http://www.ranchmetabits.com/OkEhEKgHlqM 5XnxyZE8dWzGWfdxGK1PydQpktN7r9LrcrrykoCH0B0ln giaiTegqK2lPE9P6Lt68Swnrcmb4OHf2LjchnhrxXKD5oJeDizmdLrmTJOowwszRIKXdsKJ8k5YIZlUp3 vPvWeQqucMA4jmAQtci_GJoRyfDUhWDdB6eCfAk=-Gx0DAGTSTRoHXrAKo4ag1oVrgztM5IC9LYaYT2LvjQNP1hj5WQTm8tv6tM3279aueK 137TKY4c732 DOo6LQC8i1vSzLP18UDUcDKQP9fcLX5FDjvO9Pe9JmAICYWNck3f8AFJZCXyv86iiemW92vcPeyuMSq3juXD7 gsipSvCkx_9zhxlrty179fWRwIGPI3KESqGddQ3s2nRSUTcGpifvKJdJxYfFGzw3EU29TV9EYnCEDh6kxZLVQDg wwrEcqbgSmVCU8OhK5fcPYesE4j ClhgN8n7O7hu0Tn2eVL tppTKKm23pddlCPeW7zmMDbDJfJVZ0mJSEHxaxtFHVZsXVUm8IFlEP ZiV_n6pFA8hLO 4IrPUMfL5vcs37xKNB3cYXu593tQ2BrY OE4etWYzFlI9NbIVGrRVlnGReAOB2bzWoggfC K4AhAqZQ0JvJZyCkL fgNTc8 LNl9vBQ_Sv08I2ihOLNcIk6TQSgOKv0AUKXryOq8vFk5vEkcSTRg12tNZ1I2PynFrhy1OGizDQvG3yIO9Jm9SW1PZMVM4MGaVf4QPapnHuUnvdZ5gr uXxhK 8zYlayTrlE v6QYk5sx2q91QlhOs5Jg25sMuL1HyIVGcVGQPJ58QTywC0OmQuPT0fNnC4g5LB3uGZvLE4fQxxX7GDLMBmePNIE9lPShwwvx5MJNklUzlSg 295JEeD2D1VyIQy oeIneD PWW98iwcZWLQcwPUaKEArA4LarUrG8Xm0axDskNEWMg3WqarIeGXic1ka7Xvd

https://filedir.com/.../266545

http://www.factoryheadcentral.com/c?x=yEgVryPLIi4592SVjh8WD5ZvobXzu 6CGEyPw2gmpsU=&c=VpuWmXezJ/ WsqdLEyWmZtFp18OE3U/NZhaFMHWj44JLvw49HZ2CP1CrOClWRlzUjEQAMTFz2m7VccuXnuC Pd1KTqYW/q/KwwwfwmG8hrrIvc1 jnHcg/skKEPvqU4gZzgY5HI6JEP335sZ r t0g==&e=0&downloadAs=driver-canon-lbp-3300-1.13.exe&fallback_url=http://pf.benjaminstrahs.com/s/1467096603/en/4/.../40658-1792043-driver-canon-lbp-3300.exe

http://www.dlflashstock.com/WVl6OTRQV1ZLVkNVeVJqUmtjbTFpVmxkcU0xSmlRbkJ0VlhKSk9YQklTemxDVkhVd05UUnJaMjFUWWpGbVZ5VXlSbk5aSlRORUptTTlOMDF0SlRKR2RuVjFNSGw1T1djd2JrbHNKVEpHU2t3MWVHdFlkMGt6ZEd4R09FTjFZWEZNUTJsRVlVTmhlR2R4UmtjMVFWQlJRa3c1YWpkdFZFMXpTbVp0TWtzellXTnVlRlEyWWxRbE1rWmFXRUp1VjA1aGVHVmhiRmRHYkU1RWNHZFRXak5WSlRKQ1FrcGxVaVV5Umt4S056RldTRFY2UjFOVE1razBKVEpDWjIxUFluRndOM2t3TjFsS09GRkVTVTlvWmxWaVFtb3dSamRqYURnbE1rWlVTRkVsTTBRbE0wUW1aVDB3Sm1SdmQyNXNiMkZrUVhNOVpISnBkbVZ5TFdOaGJtOXVMV3hpY0Mwek16QXdMVEV1TVRNdVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdjR1l1WW1WdWFtRnRhVzV6ZEhKaGFITXVZMjl0SlRKR2N5VXlSakUwTmpJek5UQTRPRFlsTWtabGJpVXlSalFsTWtZd0pUSkdOREEyTlRndE1UYzVNakEwTXkxa2NtbDJaWEl0WTJGdWIyNHRiR0p3TFRNek1EQXVaWGhs

http://www.bulkapplicationsign.com/c?x=jPOwjgelYKVC3hPAvmWPHUYgXk9mkAq2tme8WyT7rk0=&c=xmVawCsbpqAEOpQHiCIhsOuN6DL19pFvkwzuGUCw9bbMY SSg3SUyGlWIziME0HdnnX4Gg5QCiRCk8GpFzWkvsJBgsRmbnqxioDLA1B7egGTpMaLlJ iZHc8ysCV9vVGaY3qNqmWbFRi4z1J5534CnNZiMckROciI2EeE8pYpoM=&e=0&downloadAs=driver-canon-lbp-3300-1.13.exe&fallback_url=http://pf.benjaminstrahs.com/s/1459409517/en/4/.../40658-1792043-driver-canon-lbp-3300.exe

http://files.canon-europe.com/files/soft36568/.../LBP3300_R112_V303_Win_x32_EN_7.exe

Scan lbp3300_r112_v303_win_x32_en_7.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.