» sketchuppro-pt-br-x64.exe
Overview
Analysis
File Details
Programs (2)
Downloads (11)

sketchuppro-pt-br-x64.exe

SketchUp Pro 2015-64-bit

Trimble Navigation

This is a self-extracting archive and installer. This is installed with multiple programs including SketchUp 2015. The file has been seen being downloaded from docs.google.com and multiple other hosts.

File name:

Publisher:

Trimble Navigation Limited (signed by Trimble Navigation)

Product:

SketchUp Pro 2015-64-bit

Description:

SketchUp Pro 2015-64-bit Installer

Version:

15.3.331

MD5:

23c2709c8af96eb8d20a253e8cdda073

SHA-1:

610292fcde2016a74e9b9a56c67b3578a583fad0

SHA-256:

c24381a00e5863f25619e4f7a4dd49bccc685b68206b2e0b4d07e8e6ffb3481a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/6/2024 5:01:53 AM UTC (today)

File size:

113.8 MB (119,335,264 bytes)

Product version:

15.3.331

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\sketchup 15.3.331 + vray\skecthup 15.3.331\sketchuppro-pt-br-x64.exe

Digital Signature

Signed by:

Trimble Navigation

Authority:

VeriSign, Inc.

Valid from:

12/12/2012 4:00:00 AM

Valid to:

2/11/2016 3:59:59 AM

Subject:

CN=Trimble Navigation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Trimble Navigation, L=Westminster, S=Colorado, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

253A9821E96D9EBA24D62AD3063947AD

File PE Metadata

Compilation timestamp:

5/13/2010 3:38:41 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

3145728:gklmC/zkAWaGfV7zeMPepAbAw+kM5MWPRdQQn7fpgwZW:gklN/zkpXV7z1PepAUw+kM51LBW

Entry address:

0x14A9B

Entry point:

E8, 71, 39, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 58, 42, 42, 00, 89, 0D, 54, 42, 42, 00, 89, 15, 50, 42, 42, 00, 89, 1D, 4C, 42, 42, 00, 89, 35, 48, 42, 42, 00, 89, 3D, 44, 42, 42, 00, 66, 8C, 15, 70, 42, 42, 00, 66, 8C, 0D, 64, 42, 42, 00, 66, 8C, 1D, 40, 42, 42, 00, 66, 8C, 05, 3C, 42, 42, 00, 66, 8C, 25, 38, 42, 42, 00, 66, 8C, 2D, 34, 42, 42, 00, 9C, 8F, 05, 68, 42, 42, 00, 8B, 45, 00, A3, 5C, 42, 42, 00, 8B, 45, 04, A3, 60, 42, 42, 00, 8D, 45, 08, A3, 6C, 42, 42, 00, 8B... 
[+]

Entropy:

7.9995 (probably packed)

Code size:

110 KB (112,640 bytes)

The file sketchuppro-pt-br-x64.exe has been discovered within the following programs.

SketchUp 2015 by Trimble Navigation Limited

www.sketchup.com

About 8% of users remove it

V-Ray for SketchUp adv by Chaos Software Ltd

About 4% of users remove it

The file sketchuppro-pt-br-x64.exe has been seen being distributed by the following 11 URLs.

https://docs.google.com/uc?export=download&confirm=ZbfV&id=0B3GXdBcLcxMjQmtxa3lmUld5ejA

http://download.trimble.com/sketchup/2015/.../sketchuppro-2015-3-331-70960-pt-br-x64.exe

http://10.10.10.107:8888/sdctl/.../export?pathfile=194cfcb65d4d9dbf07bcf1e011f3faeca45d62d989665d9d458124286197b9c79970082119a96327afa5dc0ca33230dc5445a8b99edacd9d&saveas=1&last_modified=1468159653000&7bb=335c3fbd1916ccc0457f9bde95f6f1b8&des=1

https://doc-0g-4c-docs.googleusercontent.com/docs/securesc/k8lrnjn08lsi6fsakviods3ikdub7sqh/h11r4bd5oje7c002da9tsta7lqov5uvb/1473458400000/.../02318850292374776857/0BywZrQRYQaZ5ZmdramVDcnpfWEk?e=download

http://downloads.totalcad.com.br/.../sketchup_win64.exe

https://doc-0k-0c-docs.googleusercontent.com/docs/securesc/uv2l6jra04erph5s35v87cqaj8o41p4b/1d9qflupqdd6ie71ki0qu09oi3kfbig9/1466532000000/18176540309033370536/.../0B9tKDNLiVVFra3lsX3hsUTRVU0E?e=download

https://mega.nz/temporary/.../zVp21QbC

http://downloads.totalcad.com.br/.../sketchup_win64.exe

http://gsf-cf.softonic.com/610/292/.../SketchUpPro-pt-BR-x64.exe

http://dl.trimble.com/sketchup/2015/.../SketchUpPro-2015-3-331-70960-pt-BR-x64.exe

http://dl.trimble.com/.../SketchUpPro-pt-BR-x64.exe

Scan sketchuppro-pt-br-x64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.