home

pta95nt.exe

This is a setup program which is used to install the application.
MD5:
fcdf61f9bc93cc01e827b83fa7d2db0f

SHA-1:
a7996a690d940ea921b6035e020056de77ca3a86

SHA-256:
c8611bf25c227f059a099ed3449ba183ac5225726a4429fd8a8aeda78950226d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/15/2025 4:36:12 AM UTC  (today)

File size:
1.6 MB (1,644,669 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\pta95nt.exe

File PE Metadata
OS version:
124.4353

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
49152:kmmwXEtpTeVgoImyqxuyCmIcSscxC+1fge8u:kmmwXEtVeVrIm5xKmPSscxCsfgO

Entry address:
0x10C0106

Entry point:
4D, 5A, 90, 00, 02, 00, 00, 00, 22, 00, 11, 00, FF, FF, 07, 00, 00, 01, 65, 40, 00, 00, 00, 00, 40, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 02, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9982  (probably packed)

Code size:
192 KB (196,611 bytes)

The file pta95nt.exe has been seen being distributed by the following URL.

ftp://ftp.kodak.com/web/dai/.../pta95nt.exe

Scan pta95nt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.