home

normal.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from servicos.ulbra.br and multiple other hosts.
MD5:
b103e5c096f139de819156efaa7a74ab

SHA-1:
e54b65b8b1ea0d182d03f8964277c3e0006af636

SHA-256:
c45c61e36cb5b56b3d2b426d9629bf611146aef3470c79b90c9b1593b97d2f32

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:37:27 PM UTC  (today)

File size:
685 KB (701,440 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:C1rBTslMQYKINeQ63wNKdU+sj944C/MU/frz6SGs3e+1fnUF6:CcOQewTU+sj944C/Z/fSSte+U

Entry address:
0x90208

Entry point:
55, 8B, EC, 83, C4, F4, 53, B8, 48, 00, 49, 00, E8, 57, 65, F7, FF, 8B, 1D, 88, 29, 49, 00, 8B, 03, E8, A6, 9B, FB, FF, 8B, 03, BA, 94, 02, 49, 00, E8, B6, 97, FB, FF, 8B, 0D, 74, 28, 49, 00, 8B, 03, 8B, 15, 10, 79, 48, 00, E8, 9F, 9B, FB, FF, 8B, 0D, A8, 27, 49, 00, 8B, 03, 8B, 15, 7C, 71, 48, 00, E8, 8C, 9B, FB, FF, 8B, 0D, 94, 27, 49, 00, 8B, 03, 8B, 15, 28, 75, 48, 00, E8, 79, 9B, FB, FF, 8B, 0D, 60, 27, 49, 00, 8B, 03, 8B, 15, 78, 6E, 48, 00, E8, 66, 9B, FB, FF, 8B, 03, E8, DF, 9B, FB, FF, 5B, E8, C1...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
573 KB (586,752 bytes)

The file normal.exe has been seen being distributed by the following 4 URLs.

https://servicos.ulbra.br/pls/ulbra24/.../860-134039.exe

http://www.gdace.uem.br/romel/MDidatico/.../Normal.exe

http://professor.pucgoias.edu.br/SiteDocente/admin/arquivosUpload/16017/.../Normal.exe

http://www.cesec.ufpr.br/.../Normal.exe

Scan normal.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.