» 5ffa2858279e49b09863c3646fecad5d_pod023_en-us.exe
Overview
Analysis
File Details
Downloads (150)

5ffa2858279e49b09863c3646fecad5d_pod023_en-us.exe

DR Downlaod Manager

Digital River, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from www7.buyoffice.microsoft.com and multiple other hosts.

File name:

Publisher:

Solid State Networks (signed by Digital River, Inc.)

Product:

DR Downlaod Manager

Version:

3.2.3.4

MD5:

3c343de2568f7482953fe35c24b8923d

SHA-1:

2b656ea10b357b3c2b61ba9bb98b219203856847

SHA-256:

35f5aaf34b2960c4878dd80609df11ceda72a805547d66923f63340a2dd040ee

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 4:08:26 PM UTC (today)

File size:

2.4 MB (2,525,032 bytes)

Product version:

3.2.3.4

Digital River, Inc.

Original file name:

host.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\5ffa2858279e49b09863c3646fecad5d_pod023_en-us.exe

Digital Signature

Signed by:

Digital River, Inc.

Authority:

VeriSign, Inc.

Valid from:

11/4/2012 6:00:00 PM

Valid to:

12/5/2015 5:59:59 PM

Subject:

CN="Digital River, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Digital River, Inc.", L=Minnetonka, S=Minnesota, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

58D8D0310D9571EA8F11D0E3E4FE0C87

File PE Metadata

Compilation timestamp:

5/25/2012 1:30:56 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:NTRM4nA3NvTrX2nyp83qvBWo5V436xi+WbpET6yMC96JduSTuwIuLv5XNVzlexr:nMvNudy0o52G57ey16DPT9rNoxr

Entry address:

0x3FA49

Entry point:

E8, E2, 24, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 38, 8A, 46, 00, 89, 0D, 34, 8A, 46, 00, 89, 15, 30, 8A, 46, 00, 89, 1D, 2C, 8A, 46, 00, 89, 35, 28, 8A, 46, 00, 89, 3D, 24, 8A, 46, 00, 66, 8C, 15, 50, 8A, 46, 00, 66, 8C, 0D, 44, 8A, 46, 00, 66, 8C, 1D, 20, 8A, 46, 00, 66, 8C, 05, 1C, 8A, 46, 00, 66, 8C, 25, 18, 8A, 46, 00, 66, 8C, 2D, 14, 8A, 46, 00, 9C, 8F, 05, 48, 8A, 46, 00, 8B, 45, 00, A3, 3C, 8A, 46, 00, 8B, 45, 04, A3, 40, 8A, 46, 00, 8D, 45, 08, A3, 4C, 8A, 46... 
[+]

Entropy:

7.8884 (probably packed)

Code size:

333.5 KB (341,504 bytes)

The file 5ffa2858279e49b09863c3646fecad5d_pod023_en-us.exe has been seen being distributed by the following 50 URLs.

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=941201738&local_only=true&receipt_id=547815319&culture=en-gb

https://www1.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=2133700287&local_only=true&receipt_id=708261908&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1059820563&local_only=true&receipt_id=447648098&culture=es-MX

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=784272355&local_only=true&receipt_id=447379767&culture=en-gb

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=814572282&local_only=true&receipt_id=447596121&culture=de-DE

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=457013472&local_only=true&receipt_id=575675744&culture=en-gb

https://www1.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1404542320&local_only=true&receipt_id=212470759&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1628855866&local_only=true&receipt_id=576394190&culture=en-GB

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1895804194&local_only=true&receipt_id=548061835&culture=fr-FR

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1178511086&local_only=true&receipt_id=576282609&culture=de-de

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1974748093&local_only=true&receipt_id=576434608&culture=fr-FR

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=35156069&local_only=true&receipt_id=575986502&culture=en-GB

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=256250521&local_only=true&receipt_id=547553487&culture=fi-fi

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1895189094&local_only=true&receipt_id=576224460&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1131660482&local_only=true&receipt_id=575796317&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=720038339&local_only=true&receipt_id=547741068&culture=de-de

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1192245011&local_only=true&receipt_id=447748073&culture=pl-PL

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=338888279&local_only=true&receipt_id=547814512&culture=fr-FR

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-395989881&local_only=true&receipt_id=547575486&culture=sv-se

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=931508474&local_only=true&receipt_id=808690564&culture=es-MX

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-206719358&local_only=true&receipt_id=547514614&culture=en-GB

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1279147589&local_only=true&receipt_id=447446442&culture=it-it

https://www1.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1921045259&local_only=true&receipt_id=212424917&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1362992271&local_only=true&receipt_id=575845407&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1246661222&local_only=true&receipt_id=547505022&culture=en-GB

https://www1.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=416176753&local_only=true&receipt_id=708280756&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=220796539&local_only=true&receipt_id=547435845&culture=en-GB

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1492699746&local_only=true&receipt_id=576425886&culture=he-IL

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1362992271&local_only=true&receipt_id=547422177&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=94467489&local_only=true&receipt_id=547327174&culture=it-IT

Latest 30 of 150 download URLs

Scan 5ffa2858279e49b09863c3646fecad5d_pod023_en-us.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.