home

lupo_nrw_sv.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.abteigymnasium.de and multiple other hosts.
Version:
2.0.2.18

MD5:
361d6bef1318ced56ac0eee903be70ac

SHA-1:
bc09c1fdb45454fd9139957fed1f4f79dd841bbc

SHA-256:
6bf37ed652b357c3e8aabea6c2d7f7089e7da8b0c4507a32ade538277c9db042

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 10:34:39 AM UTC  (today)

File size:
9.2 MB (9,627,136 bytes)

Product version:
2.0.2

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\downloads\lupo_nrw_sv.exe

File PE Metadata
Compilation timestamp:
5/13/2014 12:10:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:gRofKitpScXFHWiLYd6N0Z/KTHqJobLFtq:gRoFt7FHtLYd6N0FEKubLF

Entry address:
0x7C1BBC

Entry point:
55, 8B, EC, 83, C4, F0, B8, D0, AD, BB, 00, E8, 54, 7F, 84, FF, 33, C9, B2, 01, A1, B8, 80, BA, 00, E8, F6, DB, 96, FF, 8B, 15, 98, B5, BE, 00, 89, 02, A1, 98, B5, BE, 00, 8B, 00, E8, C6, 39, 97, FF, A1, 98, B5, BE, 00, 8B, 00, 8B, 10, FF, 92, 8C, 00, 00, 00, E8, DE, 28, 85, FF, DB, 2D, B8, 1C, BC, 00, DE, C1, DD, 1D, 00, BB, C7, 00, 9B, E8, CA, 28, 85, FF, DC, 1D, 00, BB, C7, 00, 9B, DF, E0, 9E, 72, EF, 33, C0, 55, 68, A0, 1C, BC, 00, 64, FF, 30, 64, 89, 20, A1, 78, BE, BE, 00, 8B, 00, E8, A4, 80, 97, FF...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
7.8 MB (8,128,000 bytes)

The file lupo_nrw_sv.exe has been seen being distributed by the following 10 URLs.

http://www.abteigymnasium.de/downloads/.../109-oberstufe.html?download=290:lupo-laufbahnplanung-oberstufe

http://www.sibi-honnef.de/files/.../LUPO_Schuelerversion.exe

http://pius-gymnasium.de/moodle/mod/.../view.php?id=1232

http://www.cfg.wtal.de/start/download/.../LuPO_NRW_SV.exe

http://www.gymnasium-schleiden.de/seiten/Das_SGS/Schulstufen/.../LuPO_NRW_SV.exe

http://pius-gymnasium.de/moodle/mod/.../view.php?id=1833

http://www.avh-gymnasium.de/fileadmin/dokumente/.../LuPO_NRW_SV.exe

http://www.beisenkamp.eu/schuelerbereich/lupo/.../LuPO_NRW_SV.exe

http://www.petrinum.de/fileadmin/user_upload/mjanssen/.../LuPO_NRW_SV.exe

http://cecilien-gymnasium.de/hp/cms/upload/.../LuPO_NRW_SV.exe

Scan lupo_nrw_sv.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.