home

windows_7_logon_screen_editor_by_bcubing.exe

Windows 7 Account screen editor

Bart Ubing

This is a setup program which is used to install the application. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
Bart Ubing

Product:
Windows 7 Account screen editor

Version:
1.0.0.0

MD5:
5a134702e4a95cf37872a0426fb84677

SHA-1:
e15b43ebec977d7ad69a99e8fad6a6f03cb9c280

SHA-256:
fe834c97ff0795efef3e5e490ce51527a51b8eeac35c78c818c3d5151d19b2bb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 3:20:03 PM UTC  (today)

File size:
646 KB (661,504 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2009

Original file name:
Windows 7 Account screen editor.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
11/19/2009 7:59:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:20bY0W2QqnY4tMwTjxxAzZnmVq2sZhwBmIYlgtQnOqDZ0:20b+2NY4lxcZmVq2sZh0mIYJDDZ0

Entry address:
0x8E54E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
561.5 KB (574,976 bytes)

The file windows_7_logon_screen_editor_by_bcubing.exe has been seen being distributed by the following 4 URLs.

https://dw.uptodown.com/dwn/-hTjJaYuDGt_oQ4NsODBRGbgTd-j8qCyP4YsUZP7qUKICU4CSgmm8dQm4Srrj9388xL2NqoHzAWqJ3gzGeSyF0BMXu4Xsv9K41Mk9Bi-BnikuhOowo0SvTwSvbW_RnU0/b9XYehSRDwWv71YaffDGvM8EmqkwBu0d2U3epTn3Fy2MrsQvKCENRcecmWAe6i46p2oV2U2HZCslP_YpI3Zs7pkfKAQMbjyB-c7aDlz7t1KMCeaQauRpYo5GoKbcWmGQ/YEDtZ8UTXauhHcBh0WjrCPfD08Oq7Njc4Jl8L0_7NKesIcfKkcPdHkWgyRBkE_7V-cJDT2p_sgZSdoE1qZCgGt8dbHnNFIbfuDAys4AZv9VVgg7dJKEYavAtirhF_Mn5/.../

http://www.ranchsendgift.com/MpdYlazbH7E5HqstdP16xKOxw4YK7y6E3UMPiu7ZJpKOVfq6m8Xs1oqQx4VwELG8IWyt8ncNMz4siULW6hyoK7X0ShRgZmuZlYAHIJ_RZrqhHiAbzln6wrORWPw3RwZC8SqZeAH1azcffWofFUCgaQhljAtAzwNCVjI1nVR63QTY3HbqE3Nw7cEcY_lcEXyeqhpvJU OipEWpFkUAFRqj4DKh4Sr6A==-G1oAAMTa3Lh56hMtS8N PYvLgplUbABB07ZRvMDyMPG2LmCVPHGz2uUcNrby1jlWuG531uCY1wNyYKMhJYldx6zzUGsKLeoP7U 2kcL9hk=

q=http://migre.me/dKJ6W&redir_token=yrh0UR8LHc6Qt8g2ZXwHbOgK1nd8MTQzMzY5MDY1M0AxNDMzNjA0MjUz

http://fc03.deviantart.net/fs51/f/2009/323/2/.../Windows_7_Logon_screen_editor_by_bcubing.exe

Scan windows_7_logon_screen_editor_by_bcubing.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.