home

sapgui_740.exe

SAP Front-End Setup for the Windows Environment

SAP SE

This is a setup and installation application. The file has been seen being downloaded from constel1.sharepoint.com and multiple other hosts.
Publisher:
SAP SE

Product:
SAP Front-End Setup for the Windows(R) Environment

Description:
SAP Self-Extractor

Version:
9, 0, 61, 0

MD5:
13ceb36f1faacc9be627b699ed6c2761

SHA-1:
3d30bc97e8f7af5707e8817079853dd201a0e4d2

SHA-256:
3c337f578413543716324fe0d3e1a5ef19793b3f20922c67decc1d8b94dc0159

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:23:50 PM UTC  (today)

File size:
226.8 MB (237,774,260 bytes)

Product version:
9, 0, 61, 0

Copyright:
Copyright (C)2001-2015 SAP SE

Original file name:
SapSx.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\sapgui_740.exe

File PE Metadata
Compilation timestamp:
5/12/2015 2:10:51 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6291456:pv6GotWMHDFEs53auHKzr47xmTt4C7gLCHdAHlt2:pv6XDFd3aBr49i4C7w6N

Entry address:
0x3E84A

Entry point:
E8, 3D, AB, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 8B, 45, 0C, 53, 33, DB, 56, 57, 3B, C3, 0F, 84, D3, 00, 00, 00, 66, 39, 18, 0F, 84, CA, 00, 00, 00, 8B, 35, 78, 42, 46, 00, 39, 5D, 08, 75, 5D, 53, 53, 53, 50, FF, D6, 3B, C3, 75, 13, FF, 15, 24, 41, 46, 00, 50, E8, 1A, 55, 00, 00, 33, C0, E9, AE, 00, 00, 00, 8B, 7D, 10, 3B, F8, 77, 02, 8B, F8, 81, FF, FF, FF, FF, 7F, 76, 12, E8, D7, 54, 00, 00, C7, 00, 16, 00, 00, 00, 33, C0, E9, 8C, 00, 00, 00, 6A, 02, 57, E8, B8, EA, FF, FF, 8B, D8, 59, 59...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
395 KB (404,480 bytes)

The file sapgui_740.exe has been seen being distributed by the following 5 URLs.

https://constel1.sharepoint.com/sites/beerapps/OI_Finance_IT/.../SAPGUI_740.exe

https://blackboard.bentley.edu/bbcswebdav/.../xid-2040923_1

https://ut.blackboard.com/bbcswebdav/.../xid-4272236_1

https://royaldrive.scranton.edu/Groups/Ksom/MBO2013/SAP GUI 7.4/.../SAPGUI_740.exe

http://einstein.etsu.edu/~pittares/.../SAPGUI_740.exe

Scan sapgui_740.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.