home

showmypc.exe

ShowMyPC

This is a setup program which is used to install the application. The file has been seen being downloaded from www.151.co.il.
Publisher:
ShowMyPC  (signed and verified)

MD5:
cbc2a5895c71367d80c5afca0a2f2b5f

SHA-1:
b832d421980072952965b5dccaf1ae77d3a160e7

SHA-256:
59de153f126ee592e3f872e459a76dc7c5a67a91d3948f001ac2465d0fa9184e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 3:15:06 PM UTC  (today)

File size:
2 MB (2,146,552 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\showmypc.exe

Digital Signature
Signed by:
ShowMyPC

Authority:
COMODO CA Limited

Valid from:
10/11/2012 3:00:00 AM

Valid to:
10/12/2015 1:59:59 AM

Subject:
CN=ShowMyPC, O=ShowMyPC, STREET=2368 Donner PL, L=Santa Clara, S=CA, PostalCode=95050, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
088CAAEA8CB44DE9E2C3641B1B44F0EA

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:CelPRriykVyEPaPwA40qlg/mMLVd5ZeJoR/w:CePYhsn4Ll3KeWR/w

Entry address:
0x323C

Entry point:
A6, EE, C9, FE, 28, D5, 7B, FD, 1F, D3, 75, FD, 1F, D3, 74, FD, 1F, D3, 74, FD, 00, 8B, 00, FF, 00, 8B, 00, FF, 24, C9, 40, FF, 28, CE, 47, FF, 32, D2, 53, FF, 96, FC, D0, FF, 4A, DC, 72, FF, 9D, FF, D9, FF, 34, D2, 56, FF, 36, D3, 58, FF, 43, D6, 64, FF, 4F, D9, 6F, FF, 51, DA, 71, FF, 52, DB, 73, FF, 54, DB, 75, FF, 55, DC, 77, FF, 57, DC, 79, FF, 58, DD, 7B, FF, 80, EE, AC, FF, 81, EF, AE, FF, 5C, DF, 80, FF, 5D, DF, 82, FF, 5E, DF, 83, FF, 5F, E0, 84, FF, 60, E0, 86, FF, 61, E1, 87, FF, 62, E1, 88, FF...
 
[+]

Entropy:
7.9084  (probably packed)

Code size:
23 KB (23,552 bytes)

The file showmypc.exe has been seen being distributed by the following URL.

http://www.151.co.il/showmypc.exe

Scan showmypc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.