» orcame11.exe
Overview
Analysis
File Details
Network (1)

orcame11.exe

Estoque Fácil

MTG Softwares Ltda.

File name:

orcame11.exe

Publisher:

MTG Softwares Ltda.

Product:

Estoque Fácil

Version:

6.0.0.29

MD5:

88b8803f436b2e48d36edb5cbe7c41d5

SHA-1:

e1b4c395018146eb5be4ee6746c18fa9fcb8b34a

SHA-256:

5130b905d2e672da537b4404f298b0cce76ab7eaf89a9d247b8823b634a2717d

Scanner detections:

5 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/15/2024 8:54:57 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/PC-Guard

7.1.1

Bkav FE

HW32.Packed

1.3.0.6379

Comodo Security

Heur.Packed.MultiPacked

22115

Dr.Web

Trojan.Packed.Based

9.0.1.08

McAfee

Artemis!88B8803F436B

5600.6526

File size:

3.3 MB (3,473,920 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

Brazilian Portuguese

File PE Metadata

Compilation timestamp:

1/23/2011 10:28:00 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:mV2e20j1gpAxYYf0RiHnyU8SpFHZRIwTB:ib20eAxxDHyU8SplZRIw

Entry address:

0x82E000

Entry point:

FC, 55, 50, E8, 00, 00, 00, 00, 5D, 60, E8, 03, 00, 00, 00, 83, EB, 0E, EB, 01, 0C, 58, EB, 01, 35, 40, EB, 01, 36, FF, E0, 0B, 61, B8, 20, D1, 41, 00, EB, 01, E3, 60, E8, 03, 00, 00, 00, D2, EB, 0B, 58, EB, 01, 48, 40, EB, 01, 35, FF, E0, E7, 61, 2B, E8, 9C, EB, 01, D5, 9D, EB, 01, 0B, 58, 60, E8, 03, 00, 00, 00, 83, EB, 0E, EB, 01, 0C, 58, EB, 01, 35, 40, EB, 01, 36, FF, E0, 0B, 61, 89, 85, 50, 86, 43, 00, 9C, EB, 01, D5, 9D, EB, 01, 0B, 58, EB, 01, E3, 60, E8, 03, 00, 00, 00, D2, EB, 0B, 58, EB, 01, 48... 
[+]

Packer / compiler:

PC Guard for Win32 v5.00

Code size:

5.5 MB (5,719,552 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to orion05.locaweb.com.br (191.252.4.25:80)

Scan orcame11.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.