portablefotosketcher_3.20.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download.fosshub.com and multiple other hosts.
Version:
3.20.0.0

MD5:
43c210d63b6451ace4c495654285175a

SHA-1:
d57b0447cdd955c31a23ce2c93280879c0a30db8

SHA-256:
55e7f7fa6e82d824d12f00870a99c0b740bb6c3d0220a1146cdc6cab7c9879cb

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/25/2024 6:14:09 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.7237

File size:
8.2 MB (8,608,768 bytes)

Product version:
3.20.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\fotosketcher 3.20 portable\portablefotosketcher_3.20.exe

File PE Metadata
Compilation timestamp:
8/28/2015 5:33:21 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:6H8Z2dJF7BwJNIWpNS+/LkVEAZ+rOs6q6pjpJw3DqOgxE3:6QlpDS+geN56r7wFQ

Entry address:
0x16EB630

Entry point:
60, BE, 00, 40, 31, 01, 8D, BE, 00, D0, 0E, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 41, 9A, 6E, 01, 57, 83, C3, 04, 53, 68, 24, 76, 7D, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9886  (probably packed)

Code size:
7.8 MB (8,228,864 bytes)

The file portablefotosketcher_3.20.exe has been seen being distributed by the following 10 URLs.

https://download.fosshub.com/Protected/expiretime=1471901221;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Gb3RvU2tldGNoZXIuaHRtbA==/896d7fe2e7985a12119eaba38a1d0f5b8281d17e084bfe7a30305deb7c31f7db/.../PortableFotoSketcher_3.20.exe

https://download.fosshub.com/Protected/expiretime=1459305657;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Gb3RvU2tldGNoZXIuaHRtbA==/14be5fa80b9f7167f7ca14a5aa82d232a8ef2180a2ad3e9eca1bf74b181984b9/.../PortableFotoSketcher_3.20.exe

http://download6.fileeagle.com/files/2016/.../PortableFotoSketcher_3.20.exe

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../PortableFotoSketcher_3.20.exe

https://download.fosshub.com/Protected/expiretime=1469463556;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Gb3RvU2tldGNoZXIuaHRtbA==/93d93a5b4f9619a552774a5f125ecc22c4ceece32f6b2182b5df820874c2d460/.../PortableFotoSketcher_3.20.exe

http://download.fosshub.com/Protected/expiretime=1448261974;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9Gb3RvU2tldGNoZXIuaHRtbA==/ed1f26624327d26cd5ba710f253d54cff17f6cf04640697333dd36c08f61e887/.../PortableFotoSketcher_3.20.exe

http://www.fotosketcher.com/PortableFotoSketcher_3.20.exe

Scan portablefotosketcher_3.20.exe - Powered by Reason Core Security