home

recovermyphotos-setup.exe

{code:GDConstant|CompanyName}

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from download.eu1.cloud.getdata.com.
Publisher:
{code:GDConstant|CompanyName}

Description:
Recover deleted photos from digital cameras and other media

Version:
4.4.6.1608

MD5:
68a8f4491f65136f47b51a7561cd876d

SHA-1:
ce7a5aa780aae103bc8d5cd0d610bc7b2549caf6

SHA-256:
123071d26aa4fa49bbe847b99b45690cf3244a57d19315a7b5d19db85e02ba05

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:52:54 AM UTC  (today)

File size:
14 MB (14,718,296 bytes)

Product version:
4.4.6.1608

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\recovermyphotos-setup.exe

File PE Metadata
Compilation timestamp:
3/17/2011 12:22:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:dgjBZHpBMuRQOH4H5uGV53AAt+w3YWytsnip2:a3JKGQK4HY05HvcsnZ

Entry address:
0x16478

Entry point:
60, EB, 04, 32, CB, FE, C7, 68, B0, 79, C9, 00, 68, F1, 49, 4F, 00, 3B, D8, 70, 05, 0F, B6, E9, 1A, CA, 02, DF, EB, 0B, F6, C7, E9, 84, F6, C7, C5, CC, 96, B2, B5, 81, F9, 9D, 8E, 00, 00, 77, 09, 28, FF, 8A, EA, BE, 34, 06, DD, 87, 3B, D2, 76, 06, 0F, B6, D0, 42, 22, D5, E8, 46, 00, 00, 00, 0F, AF, DE, 41, 80, F5, B2, 8D, 2D, 35, B2, E6, 4E, FF, C6, F7, C3, 34, 10, C4, 5D, F3, 70, 05, 0F, AF, D7, 84, C3, 83, E3, 00, 69, D2, 99, 5F, C5, 74, 0B, DD, 0F, BF, FA, 00, FD, FF, CF, EB, 08, 8B, F6, 81, DA, 7A, DA...
 
[+]

Entropy:
7.9989  (probably packed)

Code size:
84 KB (86,016 bytes)

The file recovermyphotos-setup.exe has been seen being distributed by the following URL.

http://download.eu1.cloud.getdata.com/RecoverMyPhotos-Setup.exe

Scan recovermyphotos-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.