pscan13.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.download3k.com and multiple other hosts.
MD5:
7f2dd700c862b18082f3bc059baa60f4

SHA-1:
a290efe6f8515e3d74d994f65769007e6b963160

SHA-256:
52c86fdd7adb6da7d27ddd74d8769c7cb6f673f01c56373c07487205a804a87d

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 12:38:12 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clode02.Trojan
1.3.0.4924

ESET NOD32
Win32/NetTool.Portscan.AC
7.9410

K7 AntiVirus
Trojan
13.175.11136

ViRobot
JS.A.Iframe.436309
2011.4.7.4223

File size:
426.1 KB (436,309 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pscan13.exe

File PE Metadata
Compilation timestamp:
8/23/2000 4:40:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
6144:LugEkIUgJJcDvipCclPqFqnDCkaBgEeAZVA1bDWyTczLIRMbNPDw9CjjvsCJF:LCJJJdpnhUvhVObDWDLIRMZKCjjvJF

Entry address:
0x1020

Entry point:
55, 8B, EC, 81, EC, 14, 04, 00, 00, 53, 56, 57, 6A, 00, FF, 15, 08, 41, 40, 00, 68, 00, 50, 40, 00, FF, 15, 04, 41, 40, 00, 85, C0, 74, 29, 6A, 00, A1, 00, 20, 40, 00, 50, FF, 15, 20, 41, 40, 00, 8B, F0, 6A, 06, 56, FF, 15, 1C, 41, 40, 00, 6A, 03, 56, FF, 15, 1C, 41, 40, 00, 33, C0, E9, 0C, 03, 00, 00, 68, 02, 7F, 00, 00, 33, F6, 56, FF, 15, 14, 41, 40, 00, 50, FF, 15, 10, 41, 40, 00, 68, 00, 02, 00, 00, 8D, 85, EC, FD, FF, FF, 50, 56, FF, 15, 00, 41, 40, 00, 56, B8, 00, 00, 00, 80, 50, 8D, 8D, EC, FD, FF...
 
[+]

Entropy:
7.9513

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 KB (2,560 bytes)

The file pscan13.exe has been seen being distributed by the following 26 URLs.

http://www.download3k.com/DownloadLink2-Advanced-Port-Scanner.html

https://doc-10-ac-docs.googleusercontent.com/docs/securesc/bngr3uldtmgvpa4tvta7ogk1d4pcv6m8/jua4o25scs6m1iesvu4eamql4jdmil0h/1456488000000/.../04091759090373794775/0B3zrrsFnQbsyeUsxQU9oRGtxU3c?e=download

http://cs07.superfiles.me/f/086187125170146200055167189243082104032181251226024220/1473977585/19713548/0/.../Advanced_Port_Scanner_1.3-spaces.ru.exe

http://elearning.uaeu.ac.ae/bbcswebdav/.../xid-1562035_2

&onid=18508&oid=3001-18508_4-98269&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=networking/wireless&topicbrcrm=windows software&pid=308608&mfgid=73294&merid=73294&ctype=dm&cval=NONE&devicetype=desktop&pguid=b2b198e444cae5ba3c778eeb&viewguid=RuOlipN@nYc98oosFaavsjjmol83LqyJi6Ja&destUrl=http://software-files-a.cnet.com/s/software/30/86/.../pscan13.exe

Scan pscan13.exe - Powered by Reason Core Security