home

procsy_w8.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from update.cho.it.
MD5:
26a95eff117f1a58a1c51e01ffc2b3f7

SHA-1:
aab37c4c4b0fd0c2a1f2c44805c7c10529ad1168

SHA-256:
70ff87260f569108f818847394bef7fe1e2f1912f24a2556df475c53900f9cd9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 4:34:05 PM UTC  (today)

File size:
998.5 KB (1,022,464 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\procsy_w8.exe

File PE Metadata
Compilation timestamp:
9/16/2015 11:59:48 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
12288:OicWw6UOISMvQCcOoaUGAyWM+YKE2wi8uI/ZFaaQqLRoziJit8FzSiinDSaxNT9b:YTaaQqLRsHt8F+iinkubHUYtDmdpZO5

Entry address:
0x4D141

Entry point:
E8, C0, 04, 00, 00, E9, 4E, FE, FF, FF, CC, CC, CC, CC, CC, 83, 3D, 8C, 06, 65, 00, 00, 74, 37, 55, 8B, EC, 83, EC, 08, 83, E4, F8, DD, 1C, 24, F2, 0F, 2C, 04, 24, C9, C3, 83, 3D, 8C, 06, 65, 00, 00, 74, 1B, 83, EC, 04, D9, 3C, 24, 58, 66, 83, E0, 7F, 66, 83, F8, 7F, 74, D3, 8D, A4, 24, 00, 00, 00, 00, 8D, 49, 00, 55, 8B, EC, 83, EC, 20, 83, E4, F0, D9, C0, D9, 54, 24, 18, DF, 7C, 24, 10, DF, 6C, 24, 10, 8B, 54, 24, 18, 8B, 44, 24, 10, 85, C0, 74, 3C, DE, E9, 85, D2, 79, 1E, D9, 1C, 24, 8B, 0C, 24, 81, F1...
 
[+]

Code size:
618.5 KB (633,344 bytes)

The file procsy_w8.exe has been seen being distributed by the following URL.

http://update.cho.it/.../Procsy_W8.EXE

Scan procsy_w8.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.