home

screenshare[www-ap1_globalmeet_com__1_2378697_85725315-9e57-3af7-a401-0086d14c9e81]screenshare.exe

Premiere Global Services, Inc.

Publisher:
Premiere Global Services, Inc.  (signed and verified)

MD5:
676c4104b810f4dbf38ffb64f5f12951

SHA-1:
c9be4962501ac9768b677b504d54ff409837f9ae

SHA-256:
85e8741140cbd57246944b6685f61e79f2386eff547a10617aed0dd9c72454dc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/10/2025 6:02:19 PM UTC  (today)

File size:
218.5 KB (223,760 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\screenshare[www-ap1_globalmeet_com__1_2378697_85725315-9e57-3af7-a401-0086d14c9e81]screenshare.exe

Digital Signature
Signed by:
Premiere Global Services, Inc.

Authority:
DigiCert Inc

Valid from:
2/6/2014 5:30:00 AM

Valid to:
12/8/2016 5:30:00 PM

Subject:
CN="Premiere Global Services, Inc.", O="Premiere Global Services, Inc.", L=Atlanta, S=Georgia, C=US

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F749468444631E1BB57827CDB4EFAF5

File PE Metadata
Compilation timestamp:
12/10/2015 12:11:08 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:MwJU1wJMF7RUZ6ameLDITiP06D/kmi0kH9lCPERC0FCPERC0rUjfun7:aiJo74HNLDITiR/0r

Entry address:
0xABA1

Entry point:
E8, CC, 85, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 2B, EE, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 8B, 45, 08, 56, 8B, F1, C6, 46, 0C, 00, 85, C0, 75, 63, E8, 89, 38, 00, 00, 89, 46, 08, 8B, 48, 6C, 89, 0E, 8B, 48, 68, 89, 4E, 04, 8B, 0E, 3B, 0D, 80, 69, 42, 00, 74, 12, 8B, 0D, 98, 68, 42, 00, 85, 48, 70, 75, 07, E8, 97, 11, 00, 00, 89, 06, 8B, 46, 04, 3B, 05, 30, 72, 42, 00, 74, 16, 8B, 46, 08, 8B, 0D, 98, 68, 42, 00...
 
[+]

Entropy:
6.5162

Code size:
117 KB (119,808 bytes)

The file screenshare[www-ap1_globalmeet_com__1_2378697_85725315-9e57-3af7-a401-0086d14c9e81]screenshare.exe has been seen being distributed by the following 13 URLs.

http://www-na1.globalmeet.com/w/pub/api/1/ss/install/1691326/dx72a5pcwtswat01fvqygbci1/.../en?pwd=vwne63ue3xnfd62p&hcid=1691326

http://www-na1.globalmeet.com/w/pub/api/1/ss/install/2592327/j3ptx6s7wqombhhdn954e5x/.../en?pwd=thpgtl8t19y0s17j&hcid=2592327

http://www-na1.globalmeet.com/w/pub/api/1/ss/install/2358326/1aa63pnlbldjs1jhf2i3bpdf7/.../en?pwd=k6ookupcd8i4ihki&hcid=2358326

http://www-na1.globalmeet.com/w/pub/api/1/ss/install/2578321/ex18mkdzrq8vnosgl76bgde0k/.../en?pwd=3qptoga35ww74yo1&hcid=2578321

http://www-na1.globalmeet.com/w/pub/api/1/ss/install/1693780/833nwlvg5bu7gsxz0x5eq6sp7/.../en?pwd=ikh7k2kn8cwdrojt&hcid=1693780

http://www-na2.globalmeet.com/w/pub/api/1/ss/install/2685748/bedo6td4ie1w67w27yx3lennr/.../en?pwd=wpipgiew2p1u55dc&hcid=2685748

http://www-na1.globalmeet.com/w/pub/api/1/ss/install/2243095/14jfcegi3j13lsfonuxf14pz2/.../en?pwd=su3obc4fqpva80bn&hcid=2243095

http://www-eu1.globalmeet.com/w/pub/api/1/ss/install/2285327/awk8wqgs989h5v0izq6i4mrmp/.../en?pwd=hvpaod2gm252ig2o&hcid=2285327

http://www-eu1.globalmeet.com/w/pub/api/1/ss/install/2476068/1rizync9umknfkpmhyo4ln5ve/.../en?pwd=0r45dr9rf7x8khpg&hcid=2476068

http://www-ap1.globalmeet.com/w/pub/api/1/ss/install/2620630/c3ayhkrqyc2j99c4uajvdvla3/.../en?pwd=ni6jga8d276r05oy&hcid=2620630

http://www-eu1.globalmeet.com/w/pub/api/1/ss/install/2093584/dflvc8d19cjx4dgtgfy9ttfwk/.../en?pwd=j3y3xjbcgijg3kvq&hcid=2093584

http://www-na1.globalmeet.com/w/pub/api/1/ss/install/1495012/7gwk3bpkmdge5yelndyw07f8s/.../en?pwd=eve6ppsqu9ta6wou&hcid=1495012

http://www-ap1.globalmeet.com/w/pub/api/1/ss/install/2575806/2srvgorss3nsksu2idvi1ev0a/.../en?pwd=b8emixkkkdxduwod&hcid=2575806

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.