» ProPresser.exe
Overview
Analysis
File Details
Downloads (8)

ProPresser.exe

update

bcb123

This is a setup program which is used to install the application. The file has been seen being downloaded from docviewer.yandex.com.tr and multiple other hosts.

File name:

ProPresser.exe

Publisher:

bcb123

Product:

update

Version:

3.03

MD5:

3dfb35dad9f3267aff56326a825b9f69

SHA-1:

3f35c7d43c7db994e0f98edc032f52f2a6f5ec67

SHA-256:

ad9f6ec8770c9b06b20fec38f2ceaf2ba100307b5b01b552a809d6ffe5a1483c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/26/2024 11:51:53 PM UTC (a few moments ago)

File size:

924 KB (946,176 bytes)

Product version:

3.03

Original file name:

ProPresser.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

10/30/2014 2:50:12 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:JEww9uXzuQ+Wa/Enww9fww9dXMT3WiBhrgKiuW4:DuuXzuDWyEwuoudXMzxr5iuW4

Entry address:

0x4120

Entry point:

68, A8, EE, 42, 00, E8, F0, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 1F, 70, C7, FC, 07, 7D, 93, 42, 82, A5, 87, 1C, CA, 72, 18, 20, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 49, 00, 06, 50, 83, 01, 50, 72, 6F, 50, 72, 65, 73, 73, 65, 72, 00, 00, 84, B7, 99, 02, 00, 00, 00, 00, 88, E1, 9A, 02, 00, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 0F, 00, 00, 00, 00, 31, 31, 62, D4, 6C, B4, 41, A1, 34, 46, B6, 67, 7E, A7, 05, 01, 00, 00, 00, A0, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

852 KB (872,448 bytes)

The file ProPresser.exe has been seen being distributed by the following 8 URLs.

https://docviewer.yandex.com.tr/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//ProPresser.exe&ts=159c85a423c&token=ScEuYzUFpBYS2EksQiF6UQ==&name=ProPresserV3.3.rar

https://docviewer.yandex.com/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//ProPresser.exe&ts=157f38b0b43&token=IRa4STe9iVATvdfZoxuKOQ==&name=ProPresserV3.3.rar

https://docviewer.yandex.com/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//ProPresser.exe&ts=157aa9a03b0&token=bZpFpEur2M4HE yd3PYF8g==&name=ProPresserV3.3.rar

https://docviewer.yandex.com/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//.../drcQ==&name=ProPresserV3.3.rar

https://docviewer.yandex.com/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//ProPresser.exe&ts=151944fe867&token=e4FeUX Rlev2kC79bgWnjw==&name=ProPresserV3.3.rar

https://docviewer.yandex.com.tr/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//ProPresser.exe&ts=154e3664937&token=Hl kq/.../a8DJvsBtmDQ==&name=ProPresserV3.3.rar

https://docviewer.yandex.com/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//ProPresser.exe&ts=15202b558e4&token=OreZeasFLaTq2lEtnQd98A==&name=ProPresserV3.3.rar

https://docviewer.yandex.com/source?id=g5is-bzngjl2cq49ceo79uiriptcoyekwmpj5n2rcy4rjy6xusygp9n3klb4747nyreh7ro446jm1vj99ur2ltukmw34wyv5kcocze62&archive-path=//ProPresser.exe&ts=1500830c21b&token=gijrv8KhMC8MirzVvJTAGQ==&name=ProPresserV3.3.rar

Scan ProPresser.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.