simulator.exe

MD5:
8e2d7a17202dbca18804ac7b9063cc32

SHA-1:
1ac04fa597e4712f2213cd8050d4f03db4237957

SHA-256:
f8fbcfe7608d457f5e28c40aca2355ce8d09f5c9aed0f343f869f3766dca2bad

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 5:07:59 PM UTC  (today)

Scan engine | Detection | Engine version
Avira AntiVirus | W32/Virut.Gen | 7.11.30.172

File size:
5.5 MB (5,746,176 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\phoenixrc\simulator.exe

File PE Metadata
Compilation timestamp:
1/6/2016 3:25:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:Wh2xm8hY4nmdOUW+BBm/bMfZjiv98OwxqGMoyRWDfFjwpD0ymQHI5RNPQ2mYCPbB:WkxDhY4nwOUDqbMBjiv98OwxqGMoyRWs

Entry address:
0x41BE7C

Entry point:
E8, AC, 34, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 83, 65, E0, 00, 57, 6A, 07, 33, C0, 59, 8D, 7D, E4, F3, AB, 39, 45, 10, 75, 15, E8, 3D, 32, 00, 00, C7, 00, 16, 00, 00, 00, E8, 31, 99, 00, 00, 83, C8, FF, EB, 78, 8B, 4D, 0C, 56, 8B, 75, 08, 85, C9, 74, 19, 85, F6, 75, 15, E8, 19, 32, 00, 00, C7, 00, 16, 00, 00, 00, E8, 0D, 99, 00, 00, 83, C8, FF, EB, 53, B8, FF, FF, FF, 7F, 89, 45, E4, 3B, C8, 77, 03, 89, 4D, E4, FF, 75, 18, 8D, 45, E0, FF, 75, 14, C7, 45, EC, 42, 00, 00, 00, FF, 75...

Entropy:
6.6622

Code size:
4.4 MB (4,660,736 bytes)

Windows Firewall Allowed Program
Name:
E:\Program Files\PhoenixRC\Simulator.exe


The file simulator.exe has been seen being distributed by the following 2 URLs.

https://doc-0k-ac-docs.googleusercontent.com/docs/securesc/u6ud18j7nt7g9o590lg8hskutev4qaca/cqlcmedgoj0v8sn42li0etcpb939g7dt/1482026400000/08473220900886108539/.../0B9gqb_LFuqffU1E4TTVVRExrbjA?e=download
