libraryfiles.exe

Libraryfiles Install Program

This is a self-extracting archive and installer. The file has been seen being downloaded from mega.co.nz and multiple other hosts.
Product:
Libraryfiles Install Program

Version:
2, 0, 0, 24

MD5:
4677e4883065b86829b2832ed3791efd

SHA-1:
a26995b8f5b51ef7e40e4d174a2a7bb4dcbcaed0

SHA-256:
978b40e811542cc21a547b32b04de3c4c43b7992916694cee87ca486fd8149c3

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 5:44:53 PM UTC  (today)

Scan engine
Detection
Engine version

Norman
Hacktool.JX
11.20131225

File size:
5.7 MB (5,935,720 bytes)

Product version:
2, 0, 0, 24

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\libraryfiles.exe

File PE Metadata
Compilation timestamp:
12/17/2004 3:59:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:stmkbHvFmHUrejUZHF0EbKDopdXZcnuThdN0sahJpQppvYqIj7W+qOSvS0NenNaE:s3bHvFQ0dbThdN0ZhJpcwqYW+RSq0knh

Entry address:
0x12FFD

Entry point:
55, 8B, EC, 6A, FF, 68, 68, 77, 41, 00, 68, 24, 5D, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, A0, 70, 41, 00, 33, D2, 8A, D4, 89, 15, A0, E1, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 9C, E1, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 98, E1, 41, 00, C1, E8, 10, A3, 94, E1, 41, 00, 33, F6, 56, E8, BA, 03, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, FE, 2A, 00, 00, FF, 15, 0C, 71, 41, 00, A3, AC, E6, 41, 00, E8...
 
[+]

Entropy:
7.9932

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
88 KB (90,112 bytes)

The file libraryfiles.exe has been discovered within the following program.

SpeedFan (remove only)  by Almico Software
SpeedFan is software that can read temperatures, voltages and fan speeds of computer components. It can change computer fan speeds depending on the temperature of various components. The program can display system variables as a chart and as an indicator in the system tray.
6% remove it
 
Powered by Should I Remove It?

The file libraryfiles.exe has been seen being distributed by the following 50 URLs.

https://mega.co.nz/temporary/.../2UsEAQQC

http://download771.mediafire.com/ac0flb4jqntg/.../libraryfiles.exe

https://downloader.disk.yandex.com.tr/disk/294633f75dc54930376a3a29a34057747120be77802fe6196a2292c67e9e5e85/583d8694/.../x-msdownload&fsize=5935720&hid=dfdc568c911242ac71148dd48620d3fc&media_type=executable&tknv=v2

https://downloader.disk.yandex.com.tr/disk/000950d84bb41ec682f4c582ca2135c8db4153c493c67058e395a062a233b420/5847e1a3/.../x-msdownload&fsize=5935720&hid=dfdc568c911242ac71148dd48620d3fc&media_type=executable&tknv=v2

http://download2035.mediafire.com/iyrochveefvg/.../Libraryfiles.exe

https://docs.google.com/uc?authuser=0&id=0B7BqXcOy8PQ0SFREZ3FiNHgyczg&export=download

https://www.indecosoft.ro/.../savedown.php?_dir=sqlexpress2005&_file=libraryfiles.exe

http://s3.dosya.tc/en2.php?a=server6/.../ry_Files__OCX_hatasi_alanlar_bunu_kursun_.exe&b=1111e66daaef5226873b1c44c4474f09

http://download604.mediafire.com/x2714l9ipdfg/.../libraryfiles.exe

http://download758.mediafire.com/1txuzjowxwog/.../libraryfiles.exe

http://netix.dl.sourceforge.net/project/.../libraryfiles.exe

http://download2147.mediafire.com/im9awu0ahcdg/.../libraryfiles.exe

http://dc589.2shared.com/download/.../libraryexe.exe

http://s10014.minhateca.com.br/File.aspx?e=1yuPBvPN4YjSfS90CMJ5t6WHPCvZFKsSlcz4WU1MD5joLHjtC96Yq4V3XiF6v6Rx1-b9u2zBMKxyMyjAntGUivx_FAVfIl4L7ui88cuQnJKvXvS_1kymIRs87KzgorYdH-R7z4KP25IDBFHWha8jGA&pv=2

ftp://38.123.204.157/SATO/.../LibreriasOCX.exe

http://download1399.mediafire.com/ncqjext9e3yg/.../libraryfiles.exe

http://download805.mediafire.com/o1r228x51zzg/.../libraryfiles.exe

Latest 30 of 50 download URLs

Scan libraryfiles.exe - Powered by Reason Core Security