home

tp-1 sreda.exe

MyTestXPro

www.klyaksa.net

This is a setup program which is used to install the application. The file has been seen being downloaded from cloclo8.datacloudmail.ru.
Publisher:
www.klyaksa.net

Product:
MyTestXPro

Description:
Computer testing of knowledge (MyTestStudent)

Version:
11.0.0.37

MD5:
179b6bfc3a5f73cff1d361d3ee971745

SHA-1:
9250543c40b9d3a29ec18dd829952241270f9672

SHA-256:
a4a1bf4156487d415965c01d44b032574ffab04f36a355621c950a8c1f8e56f4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 3:03:09 PM UTC  (today)

File size:
10 MB (10,533,888 bytes)

Product version:
11.0

Copyright:
Alexander Bashlakov

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\tp-1 sreda.exe

File PE Metadata
Compilation timestamp:
8/31/2015 2:53:07 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:K+U7KrhZVaOMxUPyFvG1/pLhgQFYTh5ogc4t2JDUG4K2TlcK/9DUG4K2c:07SA0PyeZiQ8hdc5X2BcK/r2c

Entry address:
0x5A6424

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 38, 5D, 99, 00, E8, 17, 88, A6, FF, 8B, 1D, C0, 72, 9C, 00, 8B, 03, E8, 8E, 6C, C8, FF, 8B, 03, B2, 01, E8, D1, 89, C8, FF, 8B, 03, BA, 08, 65, 9A, 00, E8, 29, 66, C8, FF, 8B, 0D, BC, 6A, 9C, 00, 8B, 03, 8B, 15, 1C, 26, 96, 00, E8, 7E, 6C, C8, FF, 8B, 0D, 28, 68, 9C, 00, 8B, 03, 8B, 15, 5C, 08, 90, 00, E8, 6B, 6C, C8, FF, 8B, 0D, 40, 74, 9C, 00, 8B, 03, 8B, 15, 20, 16, 90, 00, E8, 58, 6C, C8, FF, 8B, 0D, E8, 6A, 9C, 00, 8B, 03, 8B, 15, E0, 4F, 99, 00, E8, 45, 6C, C8, FF, 8B...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
5.6 MB (5,920,256 bytes)

The file tp-1 sreda.exe has been seen being distributed by the following URL.

https://cloclo8.datacloudmail.ru/weblink/get/.../9T9t1hdPq?key=46fe89614aa85e1cd34fa96b85b5247c224118fe

Scan tp-1 sreda.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.