mindmaple_lite_v171.exe

MindMaple Setup

MindMaple Inc.

This is a setup and installation application. The file has been seen being downloaded from docs.google.com and multiple other hosts.
Publisher:
MindMaple Inc.  (signed and verified)

Product:
MindMaple Setup

Description:
MindMaple Lite 1.71 Installer

Version:
1.71.1.236

MD5:
5ebcbd6ac904e58516cb58531aa36867

SHA-1:
598be20a4b5e16ee499a5e72c1497bd66477eabb

SHA-256:
a3b54f55d63c61ba37509406220223428ed1c058dea0f15e9f91e9e2154400a8

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/15/2024 5:13:50 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6979

File size:
14.3 MB (14,975,120 bytes)

Product version:
1.71.1.236

Copyright:
Copyright (C) 2015 MindMaple Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\mindmaple_lite_v171.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/15/2013 5:30:00 AM

Valid to:
7/15/2016 5:29:59 AM

Subject:
CN=MindMaple Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=MindMaple Inc., L=Santa Clara, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4CF2BAA198AC9735C82950E24CB56C49

File PE Metadata
Compilation timestamp:
12/1/2010 10:50:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:q6k7pDwBHSzZKh7OrmwNSqv4ODmzXVl65:7Uc+i7OrmwNSm4OCJla

Entry address:
0x347F

Entry point:
55, 8B, EC, 81, EC, 84, 01, 00, 00, 53, 56, 33, DB, 57, 89, 5D, F0, C7, 45, F8, B0, 73, 40, 00, 89, 5D, FC, C6, 45, F4, 20, FF, 15, B8, 70, 40, 00, A3, B8, 31, 59, 00, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 88, 72, 40, 00, 6A, 08, A3, F8, 7C, 59, 00, E8, 9A, 26, 00, 00, 8B, 35, 20, 72, 40, 00, 68, 50, 74, 40, 00, A3, 00, 7C, 59, 00, FF, D6, 68, 40, 74, 40, 00, A3, 20, 90, 40, 00, FF, D6, 68, 30, 74, 40, 00, A3, 24, 90, 40, 00, FF, D6, 68, 20, 74, 40, 00, A3, 28, 90...
 
[+]

Entropy:
7.9980

Developed / compiled with:
Microsoft Visual C++

Code size:
23.5 KB (24,064 bytes)

The file mindmaple_lite_v171.exe has been seen being distributed by the following 8 URLs.

https://docs.google.com/uc?authuser=0&id=0B1enyjMjEc2CcW13V0VrY1p2VjQ&export=download

http://www.downloadcrew.com/?act=software.download&id=35001&t=1480868128&c=a8adb7d57f803b811e455c228a14ba17497b3468

http://www.apoforma.it/elearning/pluginfile.php/341/mod_forum/attachment/.../MindMaple_Lite_v171.exe

https://docs.google.com/a/.../uc?authuser=0&id=0B0EbJX9n14SAU2dWSVFjRjZZM1E&export=download

http://www.downloadcrew.com/?act=software.download&id=35001&t=1473479111&c=d45c2d230b3dee3d42419312b1a1b0e463108878

Scan mindmaple_lite_v171.exe - Powered by Reason Core Security