home

showorrun.exe

MD5:
b85b2a67a985db3963f34da54074f0be

SHA-1:
cf87433f393edde3898313abdcd7166d431d80a3

SHA-256:
1fde0d3d0ff30973a2f60d3aa30f0f1fd1fde03dacfe8a061399b9e473addbbc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 8:40:18 PM UTC  (today)

File size:
14.5 KB (14,848 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\programs\showorrun.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
384:5qckeFXq41WS/1szWEN9YjH3K4EXK+zzPYl:QeFXqHS/1szW8IdEauz

Entry address:
0x35D0

Entry point:
55, 8B, EC, 83, C4, E0, 53, 33, C0, 89, 45, E0, 89, 45, E4, 89, 45, E8, 89, 45, EC, B8, 90, 35, 40, 00, E8, F5, FD, FF, FF, 33, C0, 55, 68, ED, 36, 40, 00, 64, FF, 30, 64, 89, 20, E8, 52, F0, FF, FF, 48, 7D, 18, 6A, 00, 68, FC, 36, 40, 00, 68, 04, 37, 40, 00, 6A, 00, E8, 88, FE, FF, FF, E9, B5, 00, 00, 00, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 8A, F0, FF, FF, 8B, 45, EC, E8, 7E, FA, FF, FF, 50, 6A, 00, E8, 5E, FE, FF, FF, 8B, D8, 85, DB, 75, 1F, 6A, 00, 8D, 55, E8, B8, 01, 00, 00, 00, E8, 65, F0, FF, FF, 8B...
 
[+]

Entropy:
5.9906

Developed / compiled with:
Microsoft Visual C++

Code size:
10 KB (10,240 bytes)

The file showorrun.exe has been seen being distributed by the following URL.

http://www.bayden.com/.../ShowOrRun.exe

Scan showorrun.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.