home

xara_3d_maker_7_en-gb_121024_14-51.exe

Xara 3D Maker 7 (en-GB)

Xara Group Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from dl-nl03.magix.net.
Publisher:
Xara Group Ltd

Product:
Xara 3D Maker 7 (en-GB)

Version:
7.0.0.442

MD5:
383ad24b1806cfc2783d51775928e282

SHA-1:
9a28c4d8df3c879dc24cd285bedac3c510d3f7bb

SHA-256:
b20f4d963464081306fcd537cc2ba5ad379fd117d9f80d7bbb001c5b72822d3b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/26/2024 6:51:20 AM UTC  (today)

File size:
15.4 MB (16,189,624 bytes)

Product version:
7.0.0.442

Copyright:
Copyright © Xara Group Ltd

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\xara_3d_maker_7_en-gb_121024_14-51.exe

File PE Metadata
Compilation timestamp:
9/24/2012 2:37:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:7QZqnC9mAd7U90jISN0JDy/4a6wkYFZvaSaOeK8WE7gVdCPBLgWBRv1Mrkiw/2+:7E4ij/P6wkYTDOWAiC31MAj

Entry address:
0x3B702

Entry point:
60, 81, FF, F2, 28, 00, 00, 71, 03, 0F, AF, F2, 52, EB, 02, D0, EF, F7, C3, DF, DE, 12, F8, 0F, C1, C2, BB, C1, 8F, 7A, 2D, C1, DB, E9, 0F, BD, D7, 88, EC, 23, FB, 88, CB, 0F, B7, FF, E8, 39, 00, 00, 00, 0F, AD, FD, 88, F1, 69, FB, 24, 4D, B5, A7, 0F, A4, EA, 27, 84, E7, 69, FD, B6, 75, FA, E9, C0, D5, 57, 0F, C1, D2, 33, ED, F7, D0, 69, C9, 4F, 48, B2, 50, C0, D9, D6, 0B, ED, D1, D9, 0F, C0, C8, 33, F5, 89, F3, F3, 0F, A3, DF, 87, FF, F7, D6, 85, EF, C0, F2, 17, 3B, DA, 5A, 8D, 3D, 59, F7, 0F, D6, 31, F0...
 
[+]

Entropy:
7.9544  (probably packed)

Code size:
460 KB (471,040 bytes)

The file xara_3d_maker_7_en-gb_121024_14-51.exe has been seen being distributed by the following URL.

http://dl-nl03.magix.net//2011/.../Xara_3D_Maker_7_en-GB_121024_14-51.exe

Scan xara_3d_maker_7_en-gb_121024_14-51.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.