home

air5590.exe

Ares

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.capitalvaultsbits.com and multiple other hosts.
Publisher:
Ares

Product:
Ares

Description:
Ares Setup

Version:
3.1.7.3042

MD5:
3f04e974c5dd3a53a6793fdd8d02727f

SHA-1:
3187f29e34440e52ab123704454ed37b8f2429ee

SHA-256:
c1d273f634ed2a8697b23aa6def882c2f76567a52b8a03cc2b8531b0e1bc9b43

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:19:45 PM UTC  (today)

File size:
2.7 MB (2,873,125 bytes)

Product version:
3.1.7.3042

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\air5590.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:5apZ7N+mYCT+Ql14YCsTeC3dHBcdPye3qsi6tVAnDVXOoveyV:QpZkArz4YC6X3Hc9yeCnpXpnV

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9969

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file air5590.exe has been seen being distributed by the following 50 URLs.

http://www.capitalvaultsbits.com/WVl6OTRQWEpGVW5Bd1FXcDNNRXRPTkcxNE5pVXlRbkJVUzJwc01FUkZhbFl6ZWpWUVNqY3daakF3VW1GQ1ltSTRTU1V6UkNaalBYSklNR3RRTkdWdllsZFRkbHBDVG5ORlVrdExSV0ZDZHpjM1FsVk1ZM2dsTWtaRWFTVXlSbXh3YUVWVWVtNUhkemQzYlc1WVpTVXlRa1kwUWsxV2FHUmhhR3BzYms1cVREWlBRalpsV1RCM1EycFhXV1JsWWxwdk4zQTVKVEpDSlRKR1oxcG9TVTlCWkdZemVVSjJaazBsTWtZeVNFNWtNVmxYZVZWaWNHTm1lamNsTWtadlpXTm5SWGhDUlRFbVpHOTNibXh2WVdSQmN6MUJjbVZ6SzFObGRIVndMbVY0WlE9PQ==

http://www.capitalvaultsbits.com/bxEp CsokDj1XEEXGM6ya4E7 PXqdJrvig9THO8nyqzRVnQTxrWYAV3IGoy_5cMzkQJjycXNr Y6wzlOtPfP3fmTxbUdYINFbPOCkFZrg11Im4BN jWGgcJGwEqcC6q9hF26yfBJpiwJBM4xGFLefruXf8OiqNuPl1HlryZqoTcMaEgZ3n5_92fw09utSJXGutm11MMQ-Ow==

http://www.capitalvaultsbits.com/gQXaDJIe5L1dbAzZ8D1UJWq9Ggt22BOFaF2D_JgJFSLtO9XlKjr ZghiwjjxJtWvx5OHsXLoM_BXQhiCkwSvsILXCqhuaaqvQGkVMQemSYvbq8nDeRje9dnQdeBt2AIFdzDFO7LKxaV7zw9TOl49v6gY_2rTNCZwZm6UOFnlZjvFMV8q6K2JuOwo6EfyFz7j62MtNkzA-Ow==

http://www.capitalvaultsbits.com/YOBECqGY_spt LrtTbTLP8s8O8nRN2qhaSW9SZwTamGbRJKeP nThrK2BF1n9FsL3JLFqTFcOi pJH6Tdnefs5N_P1LoxkSzmy_6rwkwLdeHUECcCR7Ig0Rd1LIm81Tus8dk8Vu29RgEnLt0AUb9ICy6R7KWCNNnu3oJHzwjrifSjlUMqPcEWRSqb2ZbYpfMW03PCbAU_LoeqYHrd6yslvfiCXyZCQ==-Ow==

http://www.capitalvaultsbits.com/siyB97QYuIlp3hrZ_XTIx U ViH4Jvi63h035xChjQuJFGUlpqqgMkbc4bVqKjBgBJt15QZiKDbcIl9iwZkgY8HHL0Ex0nxSzVVwfOIGTTynBfN4sy41NElZA0uAIXatsYGtcU79tFe0lHqsYSIJyOYU1LHKo55FCQK_I9UhXd3IPmXP9bWenxd_acPlqck7F5GnaMAd-Ow==

http://www.capitalvaultsbits.com/06MAIf94AznOcB7aWQVRM2M46N8tHYbaVRgRDnFNtvpl27XE3Lfgxgxduw__sLxEjS1MXjGBeSSsPtefmwbSAdmCUaIWaxTqTioFxYzTZmTlAaIz8DUJZ800qyG 1ejV NWJh9HynuvX3GEd6eW6Aq0mw0pfdOy6MBSUxQh4519mLkoIWYBEp1E_g Mp83Lrfag3Y1be-Ow==

http://www.capitalvaultsbits.com/jnbsXZc SwR5Tb8xOHGRn5fPiUMOWq_Tos7Hrf NVTeT2TIr47axGIutsWPXKuGBudmmSHpDiNcCqFTqDUydcqL1I41tfEhZgGSj8q0z6YEKJtByxJHUTit9B_SsD5zhb87lBbOdDYOR9TkM8vCV1iNZ2hYwbc_f5nOCn8Yhl84U8_U85A6w1IfPYcuBYvaaIlDEPNcg-Ow==

http://www.capitalvaultsbits.com/0hkFowtTdKYqcOpgqdlljRoSEiZh2hxsj UKZXXyy00jE6kvkhwN2clUsvY9LwkhR0pZZXlo9hw_ycSY6ZtyLRPbtiQadJxnd6YifSOmTXQrW6 ejYq7 b0BISBnaps9fQfc7Dy3r1uYjNixM3QE gWUuUelvumaFY2LA1wyPGBLTtx_b1v4vIiFVGF3aeKLhLF6 jQH-Ow==

http://www.capitalvaultsbits.com/e5FLu6Ml6qykcLvQwLKQChn5r1MfGcgzflUX3E6Qh2_GDxGZUoqjPGLDPVHRq 6_G8D69Hk hYjrENWSMbwMg AF0gHtw1SLlH2o87u72PJEd HrY2qPfqlKtWh0ldSnTRjHLimbbka43NYS8Ir36Sv0f99o6jqlLBFfoCsefJAac_RbuCEqbRvCSAJzjUprwh6lmZmB-Ow==

http://www.capitalvaultsbits.com/jmqbiaX5aMhpgYrr1lCzmERBR9wwUalGn1yvZmOcioubCaeFkj Ncugc6BqT5l4 PWN5U4ma9dBYqimSZHT2P7uk4xhZrN0WmiofKvxN57oTAWQhv7X0Num_ljO31QWb0bgj3GZMVDfLXgVTTmsEPKRzix8_Zsrqxlvc3NlohKOMb0je7B9Ogq9FCmI ot328Dnd2HPF-Ow==

http://www.capitalvaultsbits.com/oI5tw0yWAPzxkFF5rEOz3tME5VV3Y6nGEOGDxcKRQHzGucxkK7l1bdY3l6iqR5_ZJk4u9B9hGdYp_iJeZ6c5F sop6YNtAErsDoV1MFTd_MqHQ2NqFkESdiZPxr_xlPqtNxalIFgExiBrKff pU1ipyI95tCmM40pVHN0OtfjBcyvf3VeI60cAYkn_zJo9m1K6hpbATA-Ow==

http://www.capitalvaultsbits.com/5a3KzFq5Rle5jtRQ9_Xvs789nayY4wdVlWZH3dqr4vqAWYvD55ROIzsXBFbf11FEKQ6S6lgfLGdkgUHjTAunuZfjW znta oFmPbcodNNEP36OlW0D2pfnSmy6DLvP_rO2aUHXpu9dpBhwuEl9UDPFdd3oFjAM6SYn_xi9oktbh6m9 qXkKMeXiIwwauXn ZwvE_7KUr-Ow==

http://www.capitalvaultsbits.com/RHWEXxWKO4OAroEHFoVnqcWz8XtltlPmtAEr8rU NUz2H_Ms1QAvStX PpkRRSJMoRz3ZZquS7A8hGqwa5OHUmtgz1OfNNqDRE5kkOcue7j5WFcJLr3WY8sBEhJlzU94m3APj yTCuyt4OXC9yB6xj8AS_Kn0fIIX8uhM5ky1f7HWyA LBTuDV06GIrxRpnUapMThWjU-Ow==

http://www.capitalvaultsbits.com/0qn5bllQQDPbnr3C Cbr6ihev9VtjhdeftfZuZ057frltilyoWoUa5mzXTJexNbsIRId1qT184Xnj829rX5oWkfFNv3RAyHgaZtf5xA0Q2Y1Hwi0oGYypUCnYd8SwjwgWtv 446RD hF1iU_nIi1OWThvtDbXi2TRr41xKgTM82aYBMG9SJtP5J99_yhJ_bvUfAO4ygH-Ow==

http://www.capitalvaultsbits.com/kVlyaW49mEFWO5tyQ2pSAZ0EhxK5_jOd4SedkUIQxFTt04XReYWi0uliC6N5bg3KTsT inBggEDKo5920 YxKYvQ0gxxY1VnYkY1DCuxL09xlZpkwohoFGg6bHL1834RMUL44440Y4uxTUT5l0QeuX_J_bxvFI 6EzhW8zqHN2sHTx_VUJ6FAOMHXs29HACmS0fShEJ3-Ow==

http://www.heartcontentvault.com/c?x=qL8X/Q2vdfrkocVVUMgBhsFP7W0YwTCDT2/RQeGcNLE=&c=V4FIsyeGIUN9y1Hr5cbj/CfZWrrEOy4XV9FdR1foRwnRFgaMSBwRSe9AorWRTWGP5UIYGnuudgNi/.../hWM=&e=0&downloadAs=Ares Setup.exe

http://www.capitalvaultsbits.com/YxIC5LaPKt12MoD4oH nH9klvuKVSJlrYk618fy_jX_38SmPnmm1WXbK7bGdmRyUqHcJRHtvGu6_BoNBQFuq7hJOKgu1xZX3nXzutZQ pjhMP_1dShWsi1z3Eq7FVGjlI1uzbAU6TYAPEva6VZlOerbHCme53WLof_HFbFszLW0yfdliy_1in_YkB1tF4ymkdAhuqeO-Ow==

http://www.capitalvaultsbits.com/gWsZJMsWE62nqsApgMWa7wmbs46Fk13cQktNF8qPMI47z2HJuHAGC0zXLLMUW4vz_gc7xBnOw7n iB4lovBq78UPmmrfbxYeiZgnmGrDLb_M9fPQxAQeKZO7OVR3MNJyvH8oPXeKn5RzqTuT_MTfAImXTgp7c2KDe_juIopv3LPiXU9yRN7jK0o1XeOBEGs4UNglVfio-Ow==

http://www.capitalvaultsbits.com/QzcbGXAdA25oNh20SDSnMvf5QC8JhBOln AuHUMjziUPC156 QXYKqYrHkmCrOA AKJGGPZ7HtVULPzRFrR8Rs awVe2RnGKZDkOkW9GI2ABrvf9noL1bVjZOWNGD8Du6RYmEUANws1PE8PpNTmy5cVXxAbdGVoljX68Hyc0Tai8NAUyOAZHVvwX_yuVVfSolEY6KK0h-Ow==

http://www.capitalvaultsbits.com/OXEHFoMeDunEpnq4waXhA6yLvC6xK ipfIO_4ZwvJXN9FVavJXGDxt8mf1gJGltTiGX4ahNQ_sKzc8CYp481JZpwfEck murWxG4RR95 fcR5pFh4DAQw33z_8MShrQsy0e6qWqkxtX6j vCV xzFg_xyPhXflSXdhWEiY bDTJ4Oihhu5 moW8YrYrT7A06zjsK6cfw-Ow==

http://www.capitalvaultsbits.com/WkWRasJKAZ8Pd3DDo5qEbjzjNQ9NCRKvecwC43mlnVF3 60z9iCqehRAdI_th01YwiZC8x31t1EskZ65L5EDNBEahHViXbIuIRm2JPMTcT0wCyVUOgMHrMfw_NDYhw_OLfk4XLRDjqCKBnCdOj_tCZNXA10DS3KiqM3UeT0OTdBF9wqQB97XeaJDcEXKwe6rPGj5MNCD-Ow==

http://www.capitalvaultsbits.com/3Q51pD71v_4hFCGnCVEisPcNhHIMb6ThVf Aa fAmyYdYu0Np5MGwHbjiVSnSfC9jvDgOENeSqlPMGtB2MpCuarAP6y2VzP7hhAxBnVYWHlTyGvROHzq5HZTzmkxRY1Qc9 m6637LK5BzJGulrLsAbVeGVYSP_EIBwJHCRC0 it85JPvJZhVOu3mqlsah5VAapTZWXn0-Ow==

http://www.capitalvaultsbits.com/PW7mCyA0zU F jPRukCqDayWSdi6J5FTum7go8113TP0l6ve9zFtYd1GwBAK0o6ykF3dQECnDjKHx_JpCDrwn3XGy0GdhuUP69q9gVRLrVwKpb4Jsh2K7uGG0JKqmDXtgAU_cPx37X81HqWC4cbYlArl8m1lWSdya731Cs5DXRSnmoixHL3THHlmrnWk2QCaOjJoIIgS-Ow==

http://www.capitalvaultsbits.com/qIffF7AAAPDhs8vooUrePHuK3opPKpDIdPyaEzq90VMBq2rrBgdjoXHX8I9kB8BRLnAwtFeAiewMr1P1nJqfeJGzHjtQlVNZ7qj7imGURMak1309X2Lir8K7laEoziTch27ojFJeBfGnmuEXbzbgvoQxbE5PihuS5bNqkDoDMlUBC_cZ1808qd90fRVOxGbKa3liBT0N-Ow==

http://www.capitalvaultsbits.com/5VtUrzk6bFqVMjZU37hEd6PUBp2Z8CyJoYefDCEFpibiiKfEM7MVyzQRrUyOVjVFSipZgkdgGBtbNwJnf0iZ13hhL9bU9RC8HJ4s2AkEy9j18tQq_yhIAHAxg8oBRkGhBozrE7ZyBIqGEdWexECDM6IcKoUWeFfJv7hkkHYw7PsBu1_MQnPaIOLxVTdEB3aPbuIbkK3J-Ow==

http://www.capitalvaultsbits.com/HXjGGq5ZsO4W9oHvawewmH5Uerq8GtmWGUomn4BCj7qtMT3S2ROMvLtcTlvtOBzhhcgQz7BiCgKdUr78uC6WNBLICgOFqMJ9VeOOa6tac_h8qOA7EirwPm2 sfjFZRSU5Bz8LNd1qIrTucwOd8paBGGspRfQjrJcYsoGX0uxEQo9dd_dLf77l5xi0KYHTcGItGN4lfHC-Ow==

http://www.capitalvaultsbits.com/e5RkmhsE5IMDktLdiHHgLpCKR4rU8h40x1eAkqSxYjnm4rR8EsYN2NPGjL4yrxMp6UfGcTfNqMH2AkLp8Lfm0BmuSWH8My79MR76I5SYXxh3K0QwK4KTWHFa4LexNipHqb177bRRDemppOMMVkbAEkA5ohkFLyLUBf6NpATpDgMeDqjq8YK 174bVUDaka6N44zyKs9puxp_pDVCb3Cu1Pq3m_Z19w==-Ow==

http://www.capitalvaultsbits.com/Y cLn6UbwcKP65k3dH0Jv_tlT8EyxUXzUqh5odZ90PcQY30lQlZfpaSBoWDUmo1eY8IxBIU4ZlF8C4CWRmk2HMc5aT7RCYv2zn5JP4r0NW_IJ1VGBZ5vJJw_UHdE2eKBAR8Ee1M6z4j5d1FHIi9xiOk1IozS2UMDvWR3GwWjcgqyaNYz s7okp6 6ItDjcR487iEphai33aitIMUzdGjXhXDq9ogb4M6JRsyV82QdrFHm5dQhEZt7ciS2b3mn0CwzpECT0nWm fO1G RZ pBKh9MUrv0mFGV2KW3UXvTfpR4ew9XjEu678RwCzdM5RXlzB4CjfLJ5E_X6WvdnXYEsgWNy_q6J59rLTi_s175QQ6MycE70YgtOOzQXw48J3yCyOy4lxmoJjLqsL3A_OL7986FzlDRBBMx4ySabluvxgPJljQEEU3ka8lDGRA5cFWlICKi7yVkc6pLWxnw5ClzEzJAWWEwul_zdGwLWDCvM2Uhu7sBTqnOAEpBPocWiF4a6tZKh4iuq39RQp4euR 9WSQzCqaA7IR4 xaq9JMWCGhjchFI LUDydaO ZzVN84DY4xn_bNqv6Y9qGGCE4SFY MTBdBbBgZUEy M2l yLZoREk9GNvx_T0q1Kgk0WGb6VTV2FHyv-Ow==-e

http://www.capitalvaultsbits.com/5ged20rwGUhsnumZ7NsDReoECvgQbtf DoI Gkw5IlV3s85q3SX3PKBlLJNeZjaLtrivpfsjRtcQedGi3RgX7VgLooJjrLD_CXju svDwGEm5L0vuEzQ3nRmKz7zyiprooxWtM8pMP6XT2yxQDvBlpaOzNRwpDY7upFTee7GLgHaktf7CiWvppEknco7pq vHMMTRfaL-Ow==

http://www.capitalvaultsbits.com/r4Y1RwHnmU403MDiOeqcan1_0bCTTL6at5e_ wFRdqUIkVofg9jy3cDg3HR_biArDBUPBBY6sTjkiT1sxGkXXqC1Hv2 iciUrXZENBE3zu 91bWYEV5dLKQNyItD8l0klhkAz9nlOnAXhBH6WrBuMbTkeEsSUsclJ7X93HgNB3ABybjMNSxEvefx0ELetuZ_LfZppv48-Ow==

Latest 30 of 112 download URLs

Scan air5590.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.