publish_2_4_win64.exe

Elluminate Publish!

Elluminate, Inc.

Publisher:
Elluminate, Inc.

Product:
Elluminate Publish!

Version:
2.4.2

MD5:
327f814a8431f62dd83c142773affb9d

SHA-1:
a7ecb515312f0d14bc869d066c1471c06ef41851

SHA-256:
1f42707833b282fd6e615650ce50722fe41c917153bf13c3928214deb4b1ab5b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 8:13:30 PM UTC  (today)

File size:
132.8 MB (139,206,144 bytes)

Product version:
2.4.2

Copyright:
Elluminate, Inc.

Original file name:
Publish_2_4_win64.exe

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\publish_2_4_win64.exe.c1zhiri.partial

File PE Metadata
Compilation timestamp:
12/13/2012 6:22:29 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3145728:P/6ci/i7V6GeQrAdyU16rDUyENAVGpw3itcLJR8KC+k13WdJo:P/n4iXeQrAoUwsyYdpwkMJR8KC+k13Wc

Entry address:
0x1E75C

Entry point:
48, 83, EC, 28, E8, BF, B5, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 30, 48, 85, C9, 74, 0D, 48, 85, D2, 74, 08, 4D, 85, C0, 75, 2C, 44, 88, 01, E8, 6B, FD, FF, FF, BB, 16, 00, 00, 00, 48, 83, 64, 24, 20, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 89, 18, E8, 67, B2, FF, FF, 8B, C3, 48, 83, C4, 30, 5B, C3, 4C, 8B, C9, 41, 8A, 00, 49, FF, C0, 41, 88, 01, 49, FF, C1, 84, C0, 74, 06, 48, 83, EA, 01, 75, EA, 48, 85, D2, 75, 0E, 88, 11, E8, 22, FD, FF, FF, BB, 22, 00, 00, 00, EB...
 
[+]

Entropy:
7.9988  (probably packed)

Code size:
197.5 KB (202,240 bytes)

The file publish_2_4_win64.exe has been seen being distributed by the following 4 URLs.

https://docs.google.com/uc?export=download&confirm=H1e_&id=0B3-F9PimQWnuRzNsbHV0YlExNW8

Scan publish_2_4_win64.exe - Powered by Reason Core Security