home

sommer.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from solisvpn.uu.nl.
MD5:
9239ffcad60d2bd1fe86ae2a7e941fa8

SHA-1:
5f76ddfd19dda8f04c966e31eaa29856e6ab99ac

SHA-256:
8c63c1c3f840e555a4501d3672ba9c9b21aef5f9c5ada8e9594df1916cae2550

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 1:03:13 AM UTC  (today)

File size:
1.8 MB (1,861,632 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\sommer.exe

File PE Metadata
Compilation timestamp:
7/21/2010 12:09:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.20

CTPH (ssdeep):
24576:6zWED6zr0Ln0xGIW4IAMv1D948rKoV+eOQ/GK0Pq55fB/jAbOADLkAylhVPBFCp8:6zWFr0Ln0ro1xKc+izcGBBZAylhVPhA

Entry address:
0x1000

Entry point:
55, 89, E5, 83, EC, 18, 83, E4, F0, A1, 00, 80, 5C, 00, 85, C0, 74, 01, CC, D9, 7D, FE, 0F, B7, 45, FE, 66, 25, C0, F0, 66, 89, 45, FE, 0F, B7, 45, FE, 66, 0D, 3F, 03, 66, 89, 45, FE, D9, 6D, FE, C7, 04, 24, 90, 30, 40, 00, E8, 33, 34, 12, 00, C9, C3, 90, 55, 89, E5, 81, EC, 48, 04, 00, 00, DD, 05, 10, 60, 52, 00, 89, 5D, F4, 8B, 5D, 0C, 89, 75, F8, 8B, 15, 08, 80, 5C, 00, 89, 7D, FC, D9, C0, A1, C8, B5, 5D, 00, DC, 4D, 18, D9, C9, BE, C0, 3F, 53, 00, 8D, 1C, 5B, DC, 4D, 10, C1, E3, 02, 8B, 7D, 08, DD, 05...
 
[+]

Code size:
1.1 MB (1,197,568 bytes)

The file sommer.exe has been seen being distributed by the following URL.

https://solisvpn.uu.nl/ CSCOE /files/files_retr/init/html/file/cifs://666279766670627A2E68682E6179/UU/Users/3157881/Mod.Gec.Mat/sss/.../sommer.exe

Scan sommer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.