pcscreencapture.exe

The executable pcscreencapture.exe has been detected as malware by 6 anti-virus scanners. The file has been seen being downloaded from www.softsea.com.
MD5: 8aacc710d40278f72ea13081df729c2d
SHA-1: 68c5922e50d2f556c4d7efe96e61c72099bdd8db
SHA-256: ba27c1c0616cba80d934dd1da2f287d2dc69f1c0a7dd3b9438000f281f280fc1

Scanner detections: 6 / 68
Status: Malware
Analysis date: 11/27/2024 1:57:28 AM UTC

Scan engine                    Detection                     Engine version
avast!                         Win32:Dropper-gen [Drp]       160503-1
Emsisoft Anti-Malware          Gen:Variant.Kazy.311754       11.5.0.6191
ESET NOD32                     Win32/Injector.BOOH trojan    8.0.319.0
Kaspersky                      Trojan.Win32.Inject           15.0.0.562
Microsoft Security Essentials  Threat.Undefined              1.223.2949.0
Norman                         Gen:Variant.Kazy.311754       19.05.2016 01:04:49

File size: 1.2 MB (1,214,464 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\pcscreencapture.exe

File PE Metadata
Compilation timestamp: 11/1/2014 6:27:52 PM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
CTPH (ssdeep): 24576:y2DuzMrNTZQtCwAHHwGq8ziww8x71RLkx9UyNlS:tui9ZQSHwiziERLkx9Uy
Entry address: 0x24FE

Entry point:
E8, B9, 22, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, F8, 91, 41, 00, 89, 0D, F4, 91, 41, 00, 89, 15, F0, 91, 41, 00, 89, 1D, EC, 91, 41, 00, 89, 35, E8, 91, 41, 00, 89, 3D, E4, 91, 41, 00, 66, 8C, 15, 10, 92, 41, 00, 66, 8C, 0D, 04, 92, 41, 00, 66, 8C, 1D, E0, 91, 41, 00, 66, 8C, 05, DC, 91, 41, 00, 66, 8C, 25, D8, 91, 41, 00, 66, 8C, 2D, D4, 91, 41, 00, 9C, 8F, 05, 08, 92, 41, 00, 8B, 45, 00, A3, FC, 91, 41, 00, 8B, 45, 04, A3, 00, 92, 41, 00, 8D, 45, 08, A3, 0C, 92, 41...
 

Entropy: 6.9277
Code size: 47.5 KB (48,640 bytes)

The file pcscreencapture.exe has been seen being distributed by the following URL.
