passist_std.exe

ChengDu AoMei Tech Co., Ltd

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from filehippo.com and multiple other hosts.
Publisher:
AOMEI Technology Co., Ltd.   (signed by ChengDu AoMei Tech Co., Ltd)

Version:
6.0

MD5:
5944579a9df0f7ddb7399fa5c7a52450

SHA-1:
7ec2aacbc6b5fd72ce259e8565c9d97e405ec965

SHA-256:
2da1fc5503b4888b728fa8647ec9dc6f9d4ef108337160f45375833e0fa800c2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 1:35:56 AM UTC  (today)

File size:
9.6 MB (10,037,952 bytes)

Product version:
6.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\passist_std.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/26/2013 10:00:00 AM

Valid to:
6/26/2016 9:59:59 AM

Subject:
CN="ChengDu AoMei Tech Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ChengDu AoMei Tech Co., Ltd", L=Chengdu, S=Sichuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3B6BF2A79BBEFAEEFF04087FFE96CF15

File PE Metadata
Compilation timestamp:
12/21/2011 1:16:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:/UapTjIgTprNs3xK5iWpRNIuz0LI8KecqtVE/MOnrAjye573+0iZdfcBgq2:Mo51rgxK5iWpRCuQcTeD/HGMyoqdf42

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.9979

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file passist_std.exe has been seen being distributed by the following 50 URLs.

http://filehippo.com/de/download/file/.../

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=94286a64278b36dc23573ee3&viewguid=fkJXZ92ksYUCpIAhNDFiv7Hz4PzjqiQv-RQM&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

http://filehippo.com/it/download/file/.../

http://1.csillagpor.hu/aomei-partition-assist_std.exe

http://filehippo.com/download/file/.../

http://123.briian.com/forum.php?mod=attachment&aid=MTIyNzh8YmExODQ5MGV8MTQ3ODExOTkwMXwwfDE3MjU=

http://www.bytesendclear.com/HLEwZueQOUui2aApgV291TNs8wGnRZjtg5QXcKbOpun_AQ7A4q17vhQ9OYai6xlx85xOVWcHml8AkCJryBFtnUp7ohO2qb3NdnGvu35TDbS_h3lD4uyZxc7y0exFxo2QTxe1zOsuXbPm4lI40b8ckWICthw OrlW3GOltzq3Yip3eJMG6y5c75ZFfUCD8jvZ_VKOdyny3E7A0pVZnnWm6Mc443JTtNYs2husLQzwHQ8pB3QYyibZ5sRUe054lBJ1 rZN1A NRWLY8hr26oFP6lsTE0 Anp1 L5NLP8fB_uaX7TjjVpjvPzn6BpougPUsvPseMNOutK4aCXZ4R54cD_Kdq7nyQHNq_K3zajNrAHaBOYRZn01a9eVsasyDZiMz uUKj5C5tjhU7B8aC00rq_FOCxdoSbeNRu9c338naThk L_zwjpd33QWS2futCuv7NmHOHdAO79xbyqBkwNXCGv_SQJIRsVVPA4jBlgs8iZQPgYDpQ0jy4bw1Ooc6Aqh59QbllR3B5Stx Iv3EiXlXKHNyrdEg40KDGvA4qhsqsmyQV0i81cnoIltxapzELwCDTkU6u6K5DoCdUhkwIgMhvj03b1XPc2FhA57e5lT w_ZJou1 nvYEARHpowXhr4gSfZ5qQwk6qxMh16UP09TQsDeq1opQ==-G4YAAGTcXEyHkK jslVHOPA4dZpsMWuAWWPsWNcpUQerjEcyZH7g3XZCZ_NwBe1f2AdoTswcSy7IWlF9l_w3xDYkP38mF3m5SGzEcF3DMsD3boMUxplj3sc5qyxZ3 SmZOdh2LYoFB_ciBeAQ==

http://filehippo.com/es/download/file/.../

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=desktop&pguid=b0459a017655008bde274ec7&viewguid=dSqP2vrKh-6AC65eAzRjOECEoJhlWqnHejSm&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=1f037b166c5b506ac7166c26&viewguid=hjeWguO23GxCpZSnxiLTTfWrQS8T06u7ixyO&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=b2915e8c94a7b990badfb084&viewguid=gi2h0J4frU72aTRQ8VxpnbT3b4jcjpg1R@sE&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=de3c0275c5ccbeec6d7729a1&viewguid=fCtvjLkHEPwAdytHDzhLEN2vqAV@C4WAIsnH&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=d358f5b925b2e95e51d2d319&viewguid=gPdxvuIjb86oFoJJIh3ojAR13GiwTodtMczO&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=desktop&pguid=854a28996a0ef42b20715aee&viewguid=eNE0@ukSbO8NMeAV@KmZV4DcxZRmIjM1ZR1e&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

http://filehippo.com/download/file/.../

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=desktop&pguid=7f02ed2d08c24d94fe012e17&viewguid=dyEnGo917iquBr@E@-wJyL-3OFDD0T@UHip-&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

http://filehippo.com/download/file/.../

&onid=2248&oid=3001-2248_4-75118871&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14490923&mfgid=10080588&merid=10080588&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=37ce8d1071e7b40545b50971&viewguid=gpsCH4B0dLnye0YGBDfKoQdStwiYboMXdM3w&destUrl=http://files.downloadnow.com/s/software/14/49/09/.../PAssist_Std.exe

http://filehippo.com/it/download/file/.../

Latest 30 of 88 download URLs

Scan passist_std.exe - Powered by Reason Core Security