lhaz64_224.exe

Lhaz

ちとらsoft

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-10-4s-docs.googleusercontent.com.
Publisher:
ちとらsoft

Product:
Lhaz

Description:
lhaz224.exe

Version:
2, 2, 4, 0

MD5:
49c826cd690e8b1e641a7a77c339f9a1

SHA-1:
9334e5e88213ea5222c090c2e85b08db6c940a97

SHA-256:
f36ab62bec92d1d0943cd3f9218f964bd8fef72eb163d0065373383742840b56

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 12:46:05 PM UTC  (today)

File size:
1.4 MB (1,455,189 bytes)

Product version:
2, 2, 4, 0

Copyright:
Copyright (C) 1999-2012

Original file name:
lhaz224.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\lhaz64_224.exe

File PE Metadata
Compilation timestamp:
10/1/2012 11:49:24 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:CroOyJ9iWEsh8sTRUFz0OEzOkEmhKwnHJxcPl35RkgKe7+WjT8QQUUIlFJ6ad8nw:CPyjihsHRBOB0cdJePCXj44UIlFJ6adv

Entry address:
0x107D0

Entry point:
48, 83, EC, 28, E8, 2B, 03, 00, 00, 48, 83, C4, 28, E9, 26, FD, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, B9, CB, 00, 00, FF, 15, FB, 18, 00, 00, 48, 8B, 05, A4, CC, 00, 00, 48, 89, 44, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, AF, 03, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, 64, CB, 00, 00, 48, 89, 44, 24...
 
[+]

Entropy:
7.9423  (probably packed)

Code size:
64.5 KB (66,048 bytes)

The file lhaz64_224.exe has been seen being distributed by the following URL.

Scan lhaz64_224.exe - Powered by Reason Core Security