ProMod.exe

ProMod

OldSkool

This is a self-extracting archive and installer. The file has been seen being downloaded from wp11261561.server-he.de.
Publisher:
OldSkool

Product:
ProMod

Description:
OldSkools ProMod Installer

Version:
1.03.0192

MD5:
18c80542e01c053ed0b3ab1ba7fbe8c6

SHA-1:
18026faf134f5287eba5f3094c888b136b559a0b

SHA-256:
1dcb497dfdc35b0e139c2217269fda39b9c83e48cecc614101d241ceb4a9e5c5

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/28/2024 3:12:59 AM UTC

Scan engine | Detection | Engine version
Dr.Web | Trojan.KillFiles.20520 | 9.0.1.044
Trend Micro House Call | Suspicious_GEN.F47V0107 | 7.2.44
Trend Micro | PAK_Generic.008 | 10.465.13

File size:
6 MB (6,295,552 bytes)

Product version:
1.03.0192

Copyright:
OldSkool

Trademarks:
OldSkool

Original file name:
ProMod.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

File PE Metadata
Compilation timestamp:
1/2/2015 2:02:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:jyAHxfolMiXPOSf0F8d4pcjnKL8libZmkPKf6fLBL:jyARfnYOYdPDc8libZmkPr

Entry address:
0x2ACC

Entry point:
68, AC, 2E, 40, 00, E8, EE, FF, FF, FF, 00, 00, 60, 00, 00, 00, 30, 00, 00, 00, 58, 00, 00, 00, 38, 00, 00, 00, E6, 84, D1, CE, 91, 9F, 9A, 47, AE, DB, 81, 35, BA, 41, 96, AA, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 4D, 6F, 64, 00, 00, 4F, 6C, 64, 53, 6B, 6F, 6F, 6C, 73, 20, 50, 72, 6F, 4D, 6F, 64, 20, 49, 6E, 73, 74, 61, 6C, 6C, 65, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, A8, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
1.4 MB (1,441,792 bytes)

The file ProMod.exe has been seen being distributed by the following URL.
