home

memcheck.exe

MD5:
9b36dd115ba9158e11f30e3e90fe5c0f

SHA-1:
2d434568b08cd75295beb2eb674ff5c7abe2c7d9

SHA-256:
0c0afd71bd23585c60c3876f2e70a085d997f3574e31404b72b37c4d6aa220c7

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
1/13/2025 3:43:06 PM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/S-e07e550d
v6.4.7.1.166

Qihoo 360 Security
HEUR/QVM19.1.0000.Malware.Gen
1.0.0.1120

File size:
45.5 KB (46,592 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\memcheck.exe

File PE Metadata
Compilation timestamp:
6/14/2016 5:05:12 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
14.0

CTPH (ssdeep):
384:BnsQ8k9X0jBj0U/lhFu+3z54JsNYN9uwXDPiBSYIuoIGEAsYpZjbplAZx3t01/:BsQb08+3z54JsNYDuwXzmYpBTAZxCl

Entry address:
0x1105F

Entry point:
E9, BC, 1C, 00, 00, E9, 5D, 15, 00, 00, E9, 70, 15, 00, 00, E9, B5, 49, 00, 00, E9, 48, 4A, 00, 00, E9, 33, 12, 00, 00, E9, CE, 17, 00, 00, E9, 79, 36, 00, 00, E9, 24, 48, 00, 00, E9, BF, 1F, 00, 00, E9, 96, 48, 00, 00, E9, 15, 0E, 00, 00, E9, 00, 2D, 00, 00, E9, CB, 34, 00, 00, E9, 94, 48, 00, 00, E9, A7, 48, 00, 00, E9, 2C, 4A, 00, 00, E9, 27, 1E, 00, 00, E9, E0, 48, 00, 00, E9, 1D, 38, 00, 00, E9, 28, 4A, 00, 00, E9, D3, 34, 00, 00, E9, B0, 49, 00, 00, E9, EB, 48, 00, 00, E9, F4, 1B, 00, 00, E9, 0F, 33...
 
[+]

Entropy:
4.5009

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
27 KB (27,648 bytes)

The file memcheck.exe has been seen being distributed by the following 2 URLs.

http://filedropper.com/.../filedownload.php?id=memcheck_2

http://www.filedropper.com/.../filedownload.php?id=memcheck_2

Scan memcheck.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.