PHOENİX V.2012.50.001.49220.exe

Phoenix Service Software 2012.50.001.49220

Seidea

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from i21.indiworlds.com and multiple other hosts.
Publisher:
Seidea

Product:
Phoenix Service Software 2012.50.001.49220

Description:
Phoenix Service Software 2012.50.001.49220 Setup

Version:
2012.50.001.49220

MD5:
4217c693b03a9da5fa024b5e5cfc132d

SHA-1:
3fb2b0de7f0c1807977ffc57fef140783e2c9dde

SHA-256:
e697b5109269a9bb9a9666df461a700cf46eca2d72e5860ea424ec54cfd0a895

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 4:37:21 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/HackTool.Patcher (variant)
8.9723

File size:
104.7 MB (109,803,613 bytes)

Product version:
2012.50.001.49220

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Turkish (Turkey)

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3145728:BEP4WPxPY2Hyd32BGPg5Jk3f4wy93/2k+eQh:eg0e/PgzkvE3qeS

Entry address:
0x9C18

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, AE, 94, FF, FF, E8, B5, A6, FF, FF, E8, 44, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, D4, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 9D, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 5A, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9998

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file PHOENİX V.2012.50.001.49220.exe has been seen being distributed by the following 19 URLs.

http://i21.indiworlds.com:182/d/.../Phoenix_Service_Software_2012.50.001.49220__ed-nokiafirmware24.blogspot.com.exe

https://docviewer.yandex.ru/source?id=1tcd59-jvghnn5ct6efql8p7upx16q9uynk44nd7dwpx7x7bjheikx7fpj195nw8mscmnjlnb04y918l63nftec5hukhbz0pstfdjr7pgv&archive-path=//Phoenix_Service_Software_2012.50.001.49220_Cracked.exe&ts=158b66553e5&token=ctSAP/.../3PvK5KiP0A==&name=Phoenix_Service_Software_2012.50.001.49220_Cracked.zip

http://i21.indiworlds.com:182/d/.../Phoenix_Service_Software_2012.50.001.49220__ed-nokiafirmware24.blogspot.com.exe

https://docs.google.com/uc?export=download&confirm=hyAZ&id=0B4FX-2BPJjQlWVJaVllXUG9rWlU

https://docviewer.yandex.ua/source?id=1tcd59-jvghnn5ct6efql8p7upx16q9uynk44nd7dwpx7x7bjheikx7fpj195nw8mscmnjlnb04y918l63nftec5hukhbz0pstfdjr7pgv&archive-path=//Phoenix_Service_Software_2012.50.001.49220_Cracked.exe&ts=1583b0e32d0&token=U2mfbsrDagwi4SiGmSK8rw==&name=Phoenix_Service_Software_2012.50.001.49220_Cracked.zip

https://docviewer.yandex.com/source?id=1tcd59-jvghnn5ct6efql8p7upx16q9uynk44nd7dwpx7x7bjheikx7fpj195nw8mscmnjlnb04y918l63nftec5hukhbz0pstfdjr7pgv&archive-path=//Phoenix_Service_Software_2012.50.001.49220_Cracked.exe&ts=14ab0adf8fe&token=zviTXoeDX5Gl9jbD9 Rl2A==&name=Phoenix_Service_Software_2012.50.001.49220_Cracked.zip

https://onedrive.live.com/download.aspx?cid=6B5D4DE8869DC85E&authKey=!AOqL_mvzlvGDbIo&resid=6B5D4DE8869DC85E!10769&ithint=.exe

http://i19.indiworlds.com:182/d/.../Phoenix_Service_Software_2012.50.001.59220__ed-nokiafirmware24.blogspot.com.exe

http://202.170.114.102:280/Khanathip12/TannYKhunG/NOKIA/.../Phoenix_Service_Software_2012.50.001.49220_Cracked-2.exe

Scan PHOENİX V.2012.50.001.49220.exe - Powered by Reason Core Security