home

recovermyphotos-setup.exe

{code:GDConstant|CompanyName}

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from download.srv-eu01.getdata.com.
Publisher:
{code:GDConstant|CompanyName}

Description:
Recover deleted photos from digital cameras and other media

Version:
4.4.6.1608

MD5:
2c5a0cbc8ee74bca38f638ed5871b00b

SHA-1:
3ef78d1d4b9c7174810d249db0b9283462903ea0

SHA-256:
5abf4ef239eee9ca9cc1337b79c9116c68a2b42f26103161e1a4e0b653b3da05

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/12/2025 9:26:14 PM UTC  (today)

File size:
14 MB (14,718,296 bytes)

Product version:
4.4.6.1608

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\recovermyphotos-setup.exe

File PE Metadata
Compilation timestamp:
3/17/2011 11:22:54 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:qwgjBZHpBMuRQOH4H5uGV53AAt+w3YWytsnip2:qV3JKGQK4HY05HvcsnZ

Entry address:
0x16478

Entry point:
F3, 04, D6, 86, EC, 86, D1, 02, D9, 85, FF, 28, EA, B8, 80, E9, D6, 56, 78, 04, 33, EF, 89, C0, 69, D7, 1F, F0, E9, 73, 68, E1, 3C, 00, 00, 42, F7, C5, B0, 70, DC, 22, 5E, 0F, B6, DD, 84, E2, 81, EE, FC, 06, 00, 00, 01, CD, C6, C6, A9, 6B, C9, 00, FE, CC, BF, 36, D7, 33, 23, F2, 33, CE, 8A, FF, 8A, D2, 81, F1, A3, 56, 00, 00, 0A, DC, 69, D0, DF, FE, AF, F3, 69, F0, 36, FC, 59, 15, 56, F3, 8B, F9, 8D, 05, 47, 35, 50, C0, 89, DA, 1D, DC, 4E, 3D, 1B, E8, 00, 00, 00, 00, 8A, DD, C6, C7, 82, 8D, 15, 93, DD, C0...
 
[+]

Code size:
84 KB (86,016 bytes)

The file recovermyphotos-setup.exe has been seen being distributed by the following URL.

http://download.srv-eu01.getdata.com/RecoverMyPhotos-Setup.exe

Scan recovermyphotos-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.