» nero 7installer.exe
Overview
Analysis
File Details
Downloads (1)

nero 7installer.exe

Pikir

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.megacapitalgrab.com.

File name:

nero 7installer.exe

Product:

Pikir

Description:

Pikir Setup

Version:

1.1.2.2

MD5:

d02f19a6746eb57cf056a37e6d49ebca

SHA-1:

c4f70fd3abbac81b53d0ac244d4be193dd93829b

SHA-256:

782e498287fddd2037ab177bdb87630e274aa0568b906b26323d881218b3f47a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 7:52:44 AM UTC (today)

File size:

1.1 MB (1,122,776 bytes)

Product version:

1.1.6

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\nero 7installer.exe

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:p9vRXR3Ni5z1KxAnOj07BVY8RxaiztCl5GLl:p9rNY1oAnOAdVTxaeCle

Entry address:

0x9C40

Entry point:

81, FE, FC, DF, 00, 00, 71, 09, 41, C7, C3, 0F, FC, A3, EB, 2B, D7, 87, E8, 8B, DF, F7, D1, 81, EA, FB, 08, 00, 00, 81, F9, F5, 0A, 00, 00, 74, 08, 12, FE, 81, C5, 71, 8E, CB, 16, 81, EA, CB, 0C, 00, 00, FE, CD, 0C, D0, 0F, B6, C3, E8, A0, 00, 00, 00, 3D, E4, B0, 00, 00, 76, 01, 4D, BA, 8C, 02, E4, 0E, 81, F9, 38, 31, 00, 00, 72, 02, 0F, CB, 85, D7, 87, C1, 8D, 15, 4C, 90, 02, 00, 0F, AF, C8, 81, C2, 9F, 0B, 00, 00, 80, FB, C0, 8D, 2A, B4, 1F, 81, ED, E1, 47, 02, 00, 0F, AF, C6, 03, FD, 71, 06, F7, C1, 08... 
[+]

Entropy:

7.9256 (probably packed)

Code size:

37 KB (37,888 bytes)

The file nero 7installer.exe has been seen being distributed by the following URL.

http://www.megacapitalgrab.com/WVl6OTRQVThsTWtadkpUSkNXRkZ6YVhoQlpISjNjMVJaUXpsaUpUSkNVVnBhYzJOQ1YxcDFjRzlHSlRKR1YyTm9UMHR5VFdFeVJTVXpSQ1pqUFRKdlZYZHhNV2sySlRKQ1pFZE9jVTFLYzBjbE1rSlVSWEpYWm5NNGFIQWxNa1pzT1hSVGJrSmhiWEowVFc5dWFGSTROM1J0UkhJNVdHMW5SR2xRVW5WdU1UTlpkRWxKY0dwUk1FcFlaaVV5UmtKdFNYZG5aR05LY0d0aE1HdE9kVll4WVdwS2VDVXlRbFExYjB4S1VXeGliVlp6UkRaS1F6TlFUV3BhUmxnM1ptdExVbFJtVkRWUU9YRnZXR1pZSlRKR1FrRTJTRU00VkRKM1ZXNWFUSE5QUVNVelJDVXpSQ1psUFRBbVpHOTNibXh2WVdSQmN6MU9aWEp2S3pkSmJuTjBZV3hzWlhJdVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdkM2QzTG01bGNtOHVZMjl0SlRKR1pHOTNibXh2WVdRdWNHaHdKVE5HYVdRbE0wUnVNakF4TkMxd1lXUT0=

Scan nero 7installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.