test_prof_2015_ipivr.exe

Shu Application

CJT Ltd

This is a setup program used to install the application. The file has been observed being downloaded from download82.files.attachmail.ru.

Publisher:
CJT Ltd

Product:
Shu Application

Version:
1, 0, 0, 1

MD5:
b4ae85217c255ea8c4608d6183ca4c93

SHA-1:
3def9b7f1d644ac4126097bc4dbb63ba1ca33a58

SHA-256:
c9778fa2386a5d0e6490729b96d74038811e212969101f94bfcd7be4b087e2f9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 4:38:06 PM UTC  (today)

File size:
32.6 MB (34,218,144 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) CJT Ltd 2007

Original file name:
Shu.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\test_prof_2015_ipivr.exe

File PE Metadata
Compilation timestamp:
3/4/2009 1:36:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:SOUUbpnmscg9EjZOS/G9m/T/gQKb6JDpn1XRhW:SO7Zms9tSocJDrXRh

Entry address:
0xF89E3

Entry point:
E8, F1, B6, 00, 00, E9, 16, FE, FF, FF, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 00, 01, 00, 00, 72, 0E, 83, 3D, 94, 8C, 5B, 00, 00, 74, 05, E9, A8, B7, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7, 01, 83, EA, 01, 75, F6, 8B, 44, 24, 08...
 

Code size:
1.2 MB (1,236,992 bytes)

The file test_prof_2015_ipivr.exe has been seen being distributed by the following URL.
