home

sp16380.exe

This is a setup program which is used to install the application.
MD5:
52101f84f63abe5128f36fe103ee1a5b

SHA-1:
f836af76c889953162588dc2fa939da0a8b7a65a

SHA-256:
422187a0a93a24f3b7de066566b444e997cb34a88b6c917b930363b83ecea61d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 3:53:08 AM UTC  (today)

File size:
1.7 MB (1,803,458 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\sp16380.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
24576:S28Dyxae4hxtSj9zyVCD9RDEkkqLOSsvJKmbULach27ZPiId9od9ntyKTKQoCwrH:S7aQzqyVCzfzOSszUOchJIId9nAKTu

Entry point:
4D, 5A, BC, 01, 44, 00, 01, 00, 08, 00, D8, 06, FF, FF, 7C, 08, 00, 02, 00, 00, 00, 01, F0, FF, 52, 00, 00, 00, 0D, 21, 50, 4B, 4C, 49, 54, 45, 20, 43, 6F, 70, 72, 2E, 20, 31, 39, 39, 30, 2D, 39, 31, 20, 50, 4B, 57, 41, 52, 45, 20, 49, 6E, 63, 2E, 20, 41, 6C, 6C, 20, 52, 69, 67, 68, 74, 73, 20, 52, 65, 73, 65, 72, 76, 65, 64, 07, 00, 00, 00, 56, 00, 6A, 00, 00, 00, 20, 00, 30, 02, FF, FF, 00, 0E, 80, 00, 00, 00, 10, 00, A8, 0C, 1E, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.7807  (probably packed)

The file sp16380.exe has been seen being distributed by the following URL.

ftp://ftp.compaq.com/pub/softpaq/.../sp16380.exe

Scan sp16380.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.