» ape.exe
Overview
Analysis
File Details
Downloads (20)

ape.exe

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from ec.ccm2.net and multiple other hosts.

File name:

ape.exe

MD5:

c37c465fde502f111683a8ea18119342

SHA-1:

d0e61361863a75f03fb75e82603d0fa3cc06f617

SHA-256:

c21d9d34ad24d0d01d508f8d153e8842bf1c46e08aade112f9e50cd51b0596f8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 1:08:18 AM UTC (today)

File size:

2.7 MB (2,798,973 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Wise Installer

Language:

English (United States)

Common path:

C:\users\{user}\downloads\ape.exe

File PE Metadata

Compilation timestamp:

4/25/2000 10:37:12 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:xHMg/j2M9aJsDmm/QQ5x9UhiFmy04B7Z8lR0FScJA6RVs42e8vGdhfVIQMdIr6:hMgiZJs9B576y09lGFSuA6RVs42XGdh8

Entry address:

0x21AF

Entry point:

55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, 90, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 28, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00... 
[+]

Entropy:

7.9984

Packer / compiler:

Wise Installer Stub

Code size:

8.5 KB (8,704 bytes)

The file ape.exe has been seen being distributed by the following 20 URLs.

http://ec.ccm2.net/br.ccm.net/download/.../Ape-7.9.2.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_es&type=PROGRAM&Expires=1472743379&Signature=ReLVQpalcv7yE604-Ras0oFrALTMyRVY7FtrD4pHiJ4R1Kc95JuoOtnWNnrQDqVrK0xJ7vhkehvLQpVO7YpgWaeCDxLekoOzgbOH7VlqHC6rK3pIm~1uUaxvBFC8vlN2~VtzSzBW0eI1LiUnd~Qf5wvjGthDgjFZhYJc8tYaPvA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1459003740&Signature=CSKcRNPkIopDN50v96NJKhzFb9mPUDFBvWr9JT20XGoAjYVhw3Vd7f0lcz6i4wbFEx6uoqg645jzl7zPSJH9yeaCZqs1o34Bol5jrxlAQguVU7LR-QwtM~XUw5coSzefbhKybFcZdVnEUbNZ3Na633utiKVRxedxebZ9BT2MX5k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1444013127&Signature=iqr2X5IBi~ctxo0FgYShzVacBpMy5FBup5QmMuA89NaUhYfSeI~zGInhJPFMi51wJYxq3yLI~YCGrrN6pJURHJkLVxmk5z1qdMc62tkU~PJGlo51CAj02aWjkP0VWvsMbCYFfFB9ngyK56MOZOxuYaUmI3pVlW9lllgbPwDMj5A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://www.ranchmetabits.com/g1U8pKWNRgbPt5VEkHFaxcZp1I70IJPzE8RLqCCNHVs m5zIJ9pSS9jsonc3u3E vWEjogLLHNhM1rX2RQKIMy_0SHqX412gF0KhYXBmSl9 0nSmEWUq_2_AqiKCMruYiWf0jFfZT N_0 mf95I51ldk5ukrX2XNMaLb75OKRykUcOP78FI=-Gx0DAGSedtEfDy3CpP0M4KU3AYKJHLC3xRDzSey9ceDJGiM_i8Dc0mPM L8Hv2O91oqlgFJu3Ttgwd6Lyj7LoDdjufNJYYKTw1A7yyBLwAbkE3n890teiumjUHiahkYu5T8ulRDOp_MnLIVSChftoBczLcFHQ4Qow1csdzTTMN7xYHZsxLoTwI54U04i3I IdBlE2rPZnIZ_jpsz5zSmWwcJo1XehOeOx4xI9qSwciRngt0FjKhOc4CHXElHHhtEFnKjrbqitQKBSC3WHsKn5M0YXLNCP8p3dCCVQSNIXrQ2NTqCCMGxGjbcNHZroMGbKukgKiNzRVimjk3hXtJsieiwYpL9BepVn2lNrr0HyO3XOmt7g8uE3s7xFsluaAk4DirZJcCYqfMvuFBVB2j1Ed6nJQSqWoTuWyLgdrIjgLy4Q2gHhiISNr28CYF0WvlISlTuLs5QCFFGYPTSZfg67NZYXgm8UkOdmoO18MpZJa6c7lGyO12X6dQVURzKIZVPn0Q9B0m6uP4gWGFdLUFqr 4BkGY BDqrUcwFXM7OS6EmYsDtjfa3TrsxZ125mcPvcibON4PsiaOn4r2do1DS1ay71Fv 9CxcXaX kaYBGlv4EQWVQ 0afzyXqqgaOeetT7HoLHhdW0hsNjPKYdEDmwprsNHQnmZNl 6Hn0LjjseGcfjkXJMNxuOmVE QxLtFcO8Fwbxcs8BfwqQR1GaW8YtacxL4uz7SAEg_4CilKUaQ3tvGulTtevV5R6Z45LsBqUHaceH22LQl0ry2XngFI

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1477023482&Signature=TKaQDJIh4-7qFA8HsM06PNdTg7dssBWl5jMw7epnyY1z8FjxaK6fQaNF04-O0j9-k7UPpNFqznr-ZMlRF5u0zEdq6BLQUAn0SMXIjqL99QNAViVsvGI4NCjHro-4XlIdOCPuXsSA2vd34cc5eSDwf6n~MtCBTzNqgWsMpHxsPL4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://ultradownloads.com.br/.../2,215607.html

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1480817907&Signature=B3HbHtBbxcS6sydNGzmikygkv-Y5UXFAWlkAHhZc04GvVJB3btALe7qNOs8rPCOEiZqmWJ9p0HUrutzJJ7EfobdOXVfKYpk75yn92AkPhmDGEPAdqUw7ehXNU6eGYJTEFm~OBPOM46Z2nJeAxujXEp1hx3K1HupS9Pt6bY4PIvY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1479807277&Signature=b6DgS4vGVHtCn36AYRMDvS4Gs4QNk8BSpIT44lcqS-MVgFuC2YTgmEn3qzmAVao17wYyNYU5jxG2Eg6gBp2ugxiAeZQRDc0R2oYxXjk57WLgrQU1zShKeRpBCAhD1Lk3YT-A8D-DcOWCDlqXQzZACsxaANazJW-vchovknPxHa4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://w7.mien-phi.com/Data/Soft/2016/07/.../Ape.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1477860818&Signature=Qk8CnRfY1FmsH4k7xGppmu44lIJad1vbydZlCRSWNd~1MUTczTy7i8VBuBB15HT05X5DkkkzD3g~Nwy0kP5sAorGBB0w-n6AKknPy~k7l~NAHyw5c2e1jfoAN41Arr~5XU6nrirZLPLpVUSWrr0grAGHsqWobTJR5EWISyvk-04_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

https://dw.uptodown.com/dwn/0G03SP98IRuIngtg6-wrngysTE4xH4R9xM4edxIj5i7gGioVGQDA3bdtUUh5EnmlriZKKAwhjEoW5sBlFHKes6NI9RloB8ZuCPo1lgamQG5-MeAkVmokCa4niAzwZWqo/mYQ7tBHvE9-lYcA3FqQxQeiU4ZOd7Rb50MxYvQOoshgmoB6rDdke7BxPOz1IZ6Y-5ElKxMx0_mREc2iYlBZkDYZ09Hxe-REw0KuHwq91kdgOVOXQazhTFxaKWlPPlV-U/SvqXUXm6gf0CspFvRypOy7Ty9G5qopeZC3E3j7MZpFdFKMRnOVeIIA-SI1nyAS61OUibj3Md0_OIbkUP9L9ht6pdEwtMbiHo_x7lFrdty3G6ONMUbVrEYI5XDBHZWY5N/.../

http://files.downloadnow.com/s/software/11/64/75/.../Ape.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1432621465&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=YE12TckqSIk4bHJec7NYJAqrDJJqt8EcNHhBnJQlugTQDXDKzxlufyIj584ghW900qnhBvfJlP2gzxgdgNOJgywuxoPJXSr2-kTld763K0GhVUkY6EsQ~it~7OeDRikp2JnmnWWLhkBdd8g8ohOoOYDZ~o7MyPDNJ4QjOEh7Q-g_&filename=Ape.exe

http://dl.cdn.chip.eu/downloads/.../Ape_7.9.2EN.exe

http://amazing-photo-editor.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPUU9aRSUDg 7v0hqvPNHkQ /.../Eai9y7wGQYYe2O 1bs8tLE0sqS5aPv3ZDKBUY=

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1440894197&Signature=W8zXsw~ibZhkjiAz2LvM75TM1meeC--J5hkmEFHsZTcOO3MPJnQcjeoTEVhQbbE~bR3TByp99fMwLq1wSAsv2UvuhiBA3eJwXbqTL8FTFVu2xbeJb9lX4PySFgm0dEnHxV-jyx-ylhVFrzM6mMB6UqRcRUSKTog1hPZvVWnhLk0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_es&type=PROGRAM&Expires=1448451017&Signature=EmWzjCpJEfMAnQ~B3RwJR7nRDa2e9brasYEyLiQs54ZCLuWHe0xnppd0yZ7LMDpsc4CKD2T4ve8OJG6vTW9RIG9UURj3WYKsCIg-PPjxIdOyvrIcInHA30J1Ywf6G2vEbz6eJRX9M~M-0HUEAL09O-3SHTO1ADCPkMkMULx2jwg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Ape.exe

http://www.silvereaglesoft.com/.../Ape.exe

http://gsf-cf.softonic.com/d0e/613/.../file?SD_used=0&channel=WEB&fdh=no&id_file=38920&instance=softonic_en&type=PROGRAM&Expires=1428051747&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=abNuf8abuwEyneZY4opbahIva1yErWDKCF8YWlR6EoSNC9Y627Vd5q1U53mfa2Pq5BG4OnD1ca79O9QpMsU~bfY0ord2KRPLxE~ob9-vM~0b73fqfi0ZIosc1CXDpAWywLIEwva8m7Uu-EYYPMfvMLTO70jjWjfrkWvLSeCxEV4_&filename=Ape.exe

Scan ape.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.