home

pomer.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.gymmoldava.edu.sk.
Version:
2.0.0.426

MD5:
92bc8692cc59199018cd144c298408e8

SHA-1:
4f0ca849070bd89cac99df44f4b090f88313547b

SHA-256:
0dd83c33a5eb846e40b6ce6a3e8ccbf9f9ba4f6e482ba6f20df3fef54497c054

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 11:48:41 AM UTC  (today)

File size:
3 MB (3,189,663 bytes)

Product version:
2.0.0.426

File type:
Executable application (Win32 EXE)

Language:
Anglictina (Spojené královstvo)

Common path:
C:\users\{user}\downloads\pomer.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:R/m20trEtUtcZZSOVZGcf33AuuJMMCmmXrr4SSLNNlQQmUUxyyzTTdEEZAAott3r:RO2F5ZGu33AuuJMMCmmXrr4SSLNNlQQp

Entry address:
0x1C1C90

Entry point:
55, 8B, EC, 83, C4, F4, B8, C8, 16, 5C, 00, E8, A8, 53, E4, FF, A1, 58, 58, 5C, 00, 80, 38, 00, 75, 0B, A1, 38, 5D, 5C, 00, 8B, 00, C6, 40, 4B, 00, A1, 38, 5D, 5C, 00, 8B, 00, E8, D3, 8A, E7, FF, 8B, 0D, 20, 5A, 5C, 00, A1, 38, 5D, 5C, 00, 8B, 00, 8B, 15, 2C, C9, 4C, 00, E8, D3, 8A, E7, FF, A1, 38, 5D, 5C, 00, 8B, 00, E8, 47, 8B, E7, FF, E8, E2, 1E, E4, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.8 MB (1,838,592 bytes)

The file pomer.exe has been seen being distributed by the following URL.

http://www.gymmoldava.edu.sk/.../pomer.exe

Scan pomer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.