home

regcureprosetup_1990ebf3-b069-459e-87ff-40a9dc3629a9_.exe

Win

Microsoft

This is a setup program which is used to install the application. The file has been seen being downloaded from www.microsoftfixit.eu.
Publisher:
Microsoft

Product:
Win

Version:
1.00

MD5:
be90ae1e0b68e17049ccaeffd3260484

SHA-1:
19c1f5e20931184d55e7090a5d8bbfd6ed53094a

SHA-256:
bf6fffa4b9b839b8bfa5361ebb8468475a39deedc0112a6e72cca086c5912e81

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:35:38 PM UTC  (today)

File size:
7.8 MB (8,167,151 bytes)

Product version:
1.00

Original file name:
Win.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\regcureprosetup_1990ebf3-b069-459e-87ff-40a9dc3629a9_.exe

File PE Metadata
Compilation timestamp:
1/29/2011 10:14:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:0o3ekdueZpg79icSvle7JoWWR+fcAs6b4ObUYGv9VqaX3C3k0MQ6Uo98CIaeU/vr:0q8eZpW9iH18g44OwY69TXysUcF5J

Entry address:
0x3670

Entry point:
68, D4, 3E, 40, 00, E8, F0, FF, FF, FF, 00, 00, 40, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 4E, FD, 3F, 66, 66, 03, 7C, 4D, BB, 90, 8A, 53, 55, B6, 4E, BE, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 57, 69, 6E, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 88, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 07, 00, 00, 00, FE, F3, 37, 6C, 8C, 6A, 06, 49, 90, BC, EE, A8, EA, 24, EE, 44, 01, 00, 00, 00, 98, 00, 00, 00, A8, 00, 00, 00, 01, 00, 00, 00...
 
[+]

Entropy:
7.7709

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
172 KB (176,128 bytes)

The file regcureprosetup_1990ebf3-b069-459e-87ff-40a9dc3629a9_.exe has been seen being distributed by the following URL.

http://www.microsoftfixit.eu/.../

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.