home

regedit.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from s9.chomikuj.pl.
MD5:
dfc6fa59bb85ad9ded6841094383e8bd

SHA-1:
7b429a4715eabc84cd82b32e344ad92f01ecabf1

SHA-256:
c4bf6f92a6fa6c4b77cab9a34501eff558afd0387cab007a3c23bdbf8c84e402

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 1:29:25 PM UTC  (today)

File size:
147 KB (150,528 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\sng\nn3.2.6_wince5.0-6.0_sng\regedit.exe

File PE Metadata
Compilation timestamp:
12/3/2003 12:23:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:

Linker version:
6.24

CTPH (ssdeep):
3072:GB0pm5EB7LYADq6gqyqvmHEZirYNiCg6R:qr587LYADq6gmukkr5Cg6R

Entry address:
0xFF84

Entry point:
F0, 40, 2D, E9, 00, 40, A0, E1, 01, 50, A0, E1, 02, 60, A0, E1, 03, 70, A0, E1, 06, 00, 00, EB, 07, 30, A0, E1, 06, 20, A0, E1, 05, 10, A0, E1, 04, 00, A0, E1, 30, EC, FF, EB, F0, 40, BD, E8, 0B, 00, 00, EA, 00, 40, 2D, E9, 20, 10, 9F, E5, 18, 00, 9F, E5, 3A, 00, 00, EB, 0C, 10, 9F, E5, 04, 00, 9F, E5, 00, 40, BD, E8, 36, 00, 00, EA, A0, 32, 02, 00, B0, 32, 02, 00, B4, 32, 02, 00, B8, 32, 02, 00, 00, 20, A0, E3, 00, 10, A0, E3, 00, 00, 00, EA, 00, 00, 00, 00, F0, 40, 2D, E9, 02, 60, A0, E1, 00, 70, A0, E1...
 
[+]

Packer / compiler:
PocketPC, 0xARM

Code size:
60.5 KB (61,952 bytes)

The file regedit.exe has been seen being distributed by the following URL.

http://s9.chomikuj.pl/File.aspx?id=216&vid=1793245866&tk=1549850&t=634785850493575498&d=60&k=1387997&name=TRE - Edytor rejestru - Pulpit Win CE po starcie Larka.exe&loc=PL

Scan regedit.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.