» air6b26.exe
Overview
Analysis
File Details
Programs (2)
Downloads (46)

air6b26.exe

Free Download Manager

FreeDownloadManager.ORG

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from downloads.sourceforge.net and multiple other hosts.

File name:

air6b26.exe

Publisher:

FreeDownloadManager.ORG

Product:

Free Download Manager

Description:

Free Download Manager Setup

MD5:

59659ec269d66f42278968981465eb15

SHA-1:

74495fc88d85a35871a2a997926304b0590f80a0

SHA-256:

b90c433f31f41222bb8f7b5ade4b4df812f4ef28aeb5184dc7f2aefcbe495e28

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/24/2024 12:59:34 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Trojan.Win32.Generic.1322C7D5!321046485

23.00.65.131123

File size:

6.7 MB (6,982,752 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\air6b26.exe

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:7UJnEnoYade5/7iMj0NiMsxv0S7o+CgjZ6Dr93:SEnkMpXOsiOoZeAn93

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Entropy:

7.9994

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file air6b26.exe has been discovered within the following programs.

360Amigo System Speedup Free by 360Amigo

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.360amigo.com

53% remove it

Toolwiz Time Freeze 2017 by Toolwiz

www.Toolwiz.com

About 6% of users remove it

The file air6b26.exe has been seen being distributed by the following 46 URLs.

https://downloads.sourceforge.net/project/freedownload/Free Download Manager/.../fdminst.exe

http://letoltes.szoftverbazis.hu/nFZJx0JMqRYr1eQ4dWfyuA/1471039097/.../fdminst.exe

http://s10851.chomikuj.pl/File.aspx?e=8AamYjaaNLL2dMDJZc1GsIAakKUgAS2nrapMETWFP65wo9GO_er0Z-LynYUrXRWs4sgoueZlxGI8C1vFhFdE-VdSTzqkbJOP2XH1Zgmc0Gjac4EDCz0ycyx9JZyybWJmmjrJnkgW-6-9FJNWXxBWmw&pv=2

http://letoltes.szoftverbazis.hu/Q_wtdGhv92OuMCknp0NkSg/1477219385/.../fdminst.exe

http://letoltes.szoftverbazis.hu/-WouedUTLo_3RlVV6botEA/1478629942/.../fdminst.exe

http://letoltes.szoftverbazis.hu/L4oj01O-dxEpfJd9jY6qaA/1478790698/.../fdminst.exe

http://letoltes.szoftverbazis.hu/D9meWQhJGlcBRZ2MTEiHIQ/1477229905/.../fdminst.exe

http://letoltes.szoftverbazis.hu/6FqqNgDmAd2hL3YMpEbLww/1445007984/.../fdminst.exe

http://free-download-manager.software.informer.com/.../

http://letoltes.szoftverbazis.hu/juPwJ8OpzzMkoAiF8lcZ4A/1466935583/.../fdminst.exe

http://letoltes.szoftverbazis.hu/ZlwjJpL_glO-dfhUud-iJw/1435926558/.../fdminst.exe

http://letoltes.szoftverbazis.hu/iubWRioRNxToANdiw7V9sA/1480189027/.../fdminst.exe

http://letoltes.szoftverbazis.hu/qcRBrcmKY7w1ITP8Goc8tA/1469090286/.../fdminst.exe

http://letoltes.szoftverbazis.hu/xakW_N0PKYl51k1FgpDdJQ/1481665220/.../fdminst.exe

http://excellmedia.dl.sourceforge.net/project/freedownload/Free Download Manager/.../fdminst.exe

http://letoltes.szoftverbazis.hu/Y17Y8JFxVuFvZxSNqn2Ofg/1478287536/.../fdminst.exe

http://letoltes.szoftverbazis.hu/i3ZicxqxeqDygqLiBKBa-Q/1453309570/.../fdminst.exe

http://letoltes.szoftverbazis.hu/OXxLDu0XbtnVetvr_Bm1ig/1415610668/.../fdminst.exe

http://letoltes.szoftverbazis.hu/5LtqOcOKY0wgvSi6ahyWNg/1462259082/.../fdminst.exe

http://letoltes.szoftverbazis.hu/_PGPeLf9-XekPZH2qXEgyw/1471884276/.../fdminst.exe

http://letoltes.szoftverbazis.hu/41ilTq_E6Ort4jOIanYtGQ/1472398100/.../fdminst.exe

http://letoltes.szoftverbazis.hu/43DkZsgBYqdHp5CD_gJbxg/1471886088/.../fdminst.exe

http://letoltes.szoftverbazis.hu/LRqIrd0gxh3B3lf3EiNHkw/1469440739/.../fdminst.exe

http://letoltes.szoftverbazis.hu/hA-rBmTZYMzqdAKh8hgPpQ/1468435073/.../fdminst.exe

http://tenet.dl.sourceforge.net/project/freedownload/Free Download Manager/.../fdminst.exe

http://letoltes.szoftverbazis.hu/kA5drVuMcKjOw5NhTJ8YUA/1459278287/.../fdminst.exe

http://letoltes.szoftverbazis.hu/Or7JugaZbrwgUEaLRCGfFw/1451828397/.../fdminst.exe

http://letoltes.szoftverbazis.hu/vESPw4gowIu9izDbcHCBsg/1455908535/.../fdminst.exe

http://letoltes.szoftverbazis.hu/9fw1kALCSkRDTcxA2VsSHQ/1466760604/.../fdminst.exe

http://letoltes.szoftverbazis.hu/2lVT98CRhiVFJVaJAdh7qA/1454841817/.../fdminst.exe

Latest 30 of 46 download URLs

Scan air6b26.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.