home

tait30.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from mylabs.px.pearsoned.com and multiple other hosts.
MD5:
40437678b379e782cccadfdf8849c8b8

SHA-1:
0e3a9195a1741ed3e2af50199f9bd18e7d4a0ea1

SHA-256:
61e18c226e79832281d94e5815cff10ce28e2529da5d2e7293619eba46d63bb3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/16/2024 8:46:10 PM UTC  (today)

File size:
200 KB (204,825 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\tait30.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:JLstWfaiOdwDCGS0tcbmChWUB6diUK5Sn0orS:JLsMrOg6KhUooUAorS

Entry point:
4D, 53, 43, 46, 00, 00, 00, 00, 19, 20, 03, 00, 00, 00, 00, 00, 2C, 00, 00, 00, 00, 00, 00, 00, 03, 01, 01, 00, 01, 00, 00, 00, 00, 00, 00, 00, 47, 00, 00, 00, 1B, 00, 03, 15, 00, 18, 0D, 00, 00, 00, 00, 00, 00, 00, A5, 3A, DD, 68, 20, 00, 54, 41, 49, 54, 33, 30, 2E, 65, 78, 65, 00, B1, 74, 19, F6, 72, 31, 00, 80, 5B, 80, 80, 8D, 47, 10, B0, B7, 05, 00, 22, 42, 00, 35, 00, 00, 0D, 00, EF, FF, FD, EA, 9D, 5F, 72, F9, 6C, 39, 43, 8E, 82, 21, 91, 90, 93, 80, 6A, 40, 4C, 36, 07, AD, 8B, FF, 0C, 2C, 04, 04, CD...
 
[+]

Entropy:
7.9981  (probably packed)

The file tait30.exe has been seen being distributed by the following 5 URLs.

http://mylabs.px.pearsoned.com/SIMrepository/web/.../wxOpIBII7IUdYgP2GP&SessionID=vn5qedntxipy3xki0mofbl5n

http://mylabs.px.pearsoned.com/SIMrepository/.../servecontent.pctp?intAssetID=11&FileMode=3&TokenID=o7BCPvps9Uhg94w5taZmyICUe3yozu4j&SessionID=c3z0pp4oz2ktgrbc2agmo2ei

http://mylabs.px.pearsoned.com/SIMrepository/web/.../GhLAjED&SessionID=txzywt21ffn52oy3fs502j21

http://mylabs.px.pearsoned.com/SIMrepository/web/.../UyowKQys8hFMAuMHS&SessionID=2hmgl2x0ezqsc3gqijvtc5el

http://mylabs.px.pearsoned.com/SIMrepository/.../servecontent.pctp?intAssetID=11&FileMode=3&TokenID=8qwGBHbQMcUcXeQOXkQukqJjpIQ1ADRy&SessionID=sqwpozcdci55sfuvrk22oajl

Scan tait30.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.