nav_18.1.0.37_ms_loem_mrf1325a_5452.exe

Norton AntiVirus

Symantec Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from download.roro44.com.
Publisher:
Symantec Corporation

Product:
Norton AntiVirus

Version:
18.1.0.37

MD5:
73df1927e30934f6e776e0cc4be8cfb5

SHA-1:
3d9dece85867839756147a10a8676d7c029c3165

SHA-256:
64f9c98ebf32c69ae5574a4df333ca221ffc954318d33a4f4383daf1ca8d2b7b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 12:59:00 PM UTC  (today)

File size:
7.3 MB (7,643,499 bytes)

Product version:
18.1.0.37

Copyright:
Copyright (c) 1997-2010 Symantec Corporation

Original file name:
NAV-OEM.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\nav_18.1.0.37_ms_loem_mrf1325a_5452.exe

File PE Metadata
Compilation timestamp:
8/13/2010 11:56:09 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:ji2krqPo9CX/jvHcNrOTdlqzYQqMdB2CT:ji2S0ooKO5lqTq4Ay

Entry address:
0x5B2EA

Entry point:
E8, BC, 83, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 0C, A1, B8, 50, 49, 00, 33, C5, 89, 45, FC, 56, 33, F6, 57, 3B, DE, 75, 1E, E8, 81, 15, 00, 00, 6A, 16, 5F, 56, 56, 56, 56, 56, 89, 38, E8, 17, D8, FF, FF, 83, C4, 14, 8B, C7, E9, 47, 01, 00, 00, FF, 75, 08, 53, E8, 78, F3, FF, FF, 59, 59, 3B, 45, 08, 72, 07, 33, C0, 66, 89, 03, EB, CB, 8B, 55, 0C, 8B, 02, 8B, 48, 14, 3B, CE, 75, 2A, 8B, C3, 66, 39, 33, 74, 1C, 0F, B7, 08, 66, 83, F9, 41, 72, 0C, 66, 83, F9, 5A, 77, 06, 83, C1, 20, 66, 89...
 
[+]

Entropy:
7.8868  (probably packed)

Code size:
445 KB (455,680 bytes)

The file nav_18.1.0.37_ms_loem_mrf1325a_5452.exe has been seen being distributed by the following URL.

Scan nav_18.1.0.37_ms_loem_mrf1325a_5452.exe - Powered by Reason Core Security