home

sangiacomoweb.altervista.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from doc-0c-28-docs.googleusercontent.com.
Version:
1.0.0.0

MD5:
b43ce1e28e6e16c5fa2cec33d8dfa003

SHA-1:
1b9981911f84f756230830b3bc9384d380b7c7ac

SHA-256:
6811492b074a4bc6d3f81b25f87299a931d57743e469ab0e966091ebaa23d289

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 7:06:49 AM UTC  (today)

File size:
8 MB (8,356,864 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\sangiacomoweb.altervista.exe

File PE Metadata
Compilation timestamp:
7/16/2015 1:10:12 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:XVaR5KzjNGATRo9ctU3wb0E0vlRm8QCQMMm1nFby/ZcijTHkeUMl4h8c/TNHLKfN:0R5ojNlclK8PHH+ci/hZlMLNrKtD

Entry address:
0x297684

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, C8, 68, 00, E8, 28, 40, D7, FF, A1, D0, 7A, 6B, 00, 8B, 00, E8, F0, 22, E9, FF, A1, D0, 7A, 6B, 00, 8B, 00, B2, 01, E8, 02, 40, E9, FF, 8B, 0D, 10, 77, 6B, 00, A1, D0, 7A, 6B, 00, 8B, 00, 8B, 15, B0, 9D, 68, 00, E8, E2, 22, E9, FF, A1, D0, 7A, 6B, 00, 8B, 00, E8, 3A, 24, E9, FF, E8, 91, FB, D6, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.6 MB (2,710,528 bytes)

The file sangiacomoweb.altervista.exe has been seen being distributed by the following URL.

https://doc-0c-28-docs.googleusercontent.com/docs/securesc/7nahpcr7m4jroii2qn7vf5tf43u194kb/j27gkp19dbhoqvfeesdaogph34e5lui5/1456387200000/01086877365912518188/.../0B4TOxXpbmGGGY3lGTWl6alVjM3M?e=download

Scan sangiacomoweb.altervista.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.