home

Screenpresso.exe

Screenpresso

Learnpulse

This is installed with Screenpresso. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.
Publisher:
Learnpulse  (signed and verified)

Product:
Screenpresso

Version:
1.6.2.0

MD5:
858f8f069da043b11ed13a6b189578eb

SHA-1:
72d1dfbb6de44b1b867dae9a9880bb837897309c

SHA-256:
c2a20404a6b0cbce898486e516f6049fcd050b6744dbdb071f04635bb3af0d1e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 6:20:20 PM UTC  (today)

File size:
11.8 MB (12,347,488 bytes)

Product version:
1.6.2.0

Copyright:
Copyright © Learnpulse 2016

Original file name:
Screenpresso.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\learnpulse\screenpresso\screenpresso.exe

Digital Signature
Signed by:
Learnpulse

Authority:
Thawte, Inc.

Valid from:
2/23/2014 7:00:00 AM

Valid to:
5/7/2016 6:59:59 AM

Subject:
CN=Learnpulse, O=Learnpulse, L=TOULOUSE, S=Haute Garonne, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
48A4512F54830AEE8CD60DC465C14A14

File PE Metadata
Compilation timestamp:
1/10/2016 7:05:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
196608:iOdhGhywsZdG1G242brRsw/8cRbAeYgzFi0FjUkQh+:cZXFP7/FRbAeJuW

Entry address:
0xBA0496

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, E4, 48, 92, 56, 00, 00, 00, 00, 02, 00, 00, 00, 5A, 00, 00, 00, D8, 04, BA, 00, D8, E6, B9, 00, 52, 53, 44, 53, 87, 13, 41, E6, A0, 5B, C3, 46, 91, 57, C2, D4, 96, F8, E3, 92, 01, 00, 00, 00, 63, 3A, 5C, 67, 69, 74, 5C, 53, 63, 72, 65, 65, 6E, 70, 72, 65, 73, 73, 6F, 5C, 53, 63, 72, 65, 65, 6E, 70, 72, 65, 73, 73, 6F, 5C, 73, 72, 63, 5C, 6F...
 
[+]

Entropy:
7.0582

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
11.6 MB (12,183,040 bytes)

The file Screenpresso.exe has been discovered within the following program.

Screenpresso  by LearnPulse
www.screenpresso.com
About 8% of users remove it
 
Powered by Should I Remove It?

The file Screenpresso.exe has been seen being distributed by the following 7 URLs.

http://lb.cdn.m6web.fr/d/c/a/810e1ab89b4971bb90e6330291425dec/57246059/soft/.../screenpresso_1-6-2_fr_311538.exe

http://cdn.screenpresso.com/.../Screenpresso.exe

http://software.thaiware.com/download_url.php?id=13245

http://pl.screenpresso.com/.../Screenpresso.exe

http://fr.screenpresso.com/.../Screenpresso.exe

http://screenpresso.com/.../Screenpresso.exe

http://www.screenpresso.com/.../Screenpresso.exe

Scan Screenpresso.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.