photo5548-ykoh413qx27cq2vncuyruv0a5qk2a4.psd.exe

Internet Widgits Pty Ltd

The application photo5548-ykoh413qx27cq2vncuyruv0a5qk2a4.psd.exe by Internet Widgits Pty has been detected as a potentially unwanted program by 7 anti-malware scanners. The file has been seen being downloaded from mediafire.com.
Publisher:
ImageView  (signed by Internet Widgits Pty Ltd)

Description:
Photo.jpg

Version:
1.0.0

MD5:
64a84ceca740ae125f8d7888b451d7cf

SHA-1:
04c4697fdaa453e716abc7a9e0f6411193196408

SHA-256:
934242c7854de3097ccefab3c29688f44b2e32db9c35244eef78f7558f7addd2

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 3:46:10 PM UTC

Scan engine                     Detection                     Engine version
avast!                          Win32:Crypt-PFR [Trj]         160518-2
Dr.Web                          BackDoor.IRC.NgrBot.42        9.0.1.05190
Emsisoft Anti-Malware           Gen:Variant.Symmi.20314       16.07.20
ESET NOD32                      Win32/Injector.AGMQ trojan    8.0.319.0
F-Secure                        Variant.Symmi.20314           5.15.96
Microsoft Security Essentials   Threat.Undefined              1.225.1925.0
Reason Heuristics               PUP.Internet (M)              16.7.25.8

File size:
160.9 KB (164,717 bytes)

Product version:
1.0.0

File type:
Executable application (Win32 EXE)

Language:
Polish (Poland)

Common path:
C:\users\{user}\downloads\photo5548-ykoh413qx27cq2vncuyruv0a5qk2a4.psd.exe

Digital Signature
Authority:
Internet Widgits Pty Ltd

Valid from:
4/24/2013 8:53:18 PM

Valid to:
4/24/2015 8:53:18 PM

Subject:
O=Internet Widgits Pty Ltd, S=DF, C=GF

Issuer:
O=Internet Widgits Pty Ltd, S=FF, C=GG

Serial number:
01

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
3072:GmQLo1T+HflHDiHQsQRvOF/rMC0Q3grbRrufCacz0aFeOffM:JQLGqBi0R2SC0Q3gFrufF3b+M

Entry address:
0x3834

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, FC, 37, 40, 00, E8, 6D, FB, FF, FF, BF, A0, 86, 40, 00, 8B, 35, 50, 86, 40, 00, BB, 00, 50, 11, 01, 6A, 00, 6A, 00, 6A, 00, 6A, 00, 6A, 00, E8, 12, FC, FF, FF, 6A, 00, 6A, 00, 6A, 00, 6A, 00, 6A, 00, E8, 03, FC, FF, FF, 6A, 00, 6A, 00, 6A, 00, 6A, 00, 6A, 00, E8, F4, FB, FF, FF, 6A, 00, 6A, 00, 6A, 00, 6A, 00, 6A, 00, E8, E5, FB, FF, FF, 6A, 00, 6A, 00, 6A, 00, 6A, 00, 6A, 00, E8, D6, FB, FF, FF, 6A, 00, 6A, 00, 6A, 00, 6A, 00, 6A, 00, E8, C7, FB, FF, FF, 6A, 00, 6A...
 

Entropy:
7.3966

Developed / compiled with:
Microsoft Visual C++

Code size:
23 KB (23,552 bytes)

The file photo5548-ykoh413qx27cq2vncuyruv0a5qk2a4.psd.exe has been seen being distributed by the following URL.