» asociacionesxl.exe
Overview
Analysis
File Details
Downloads (5)

asociacionesxl.exe

Grupo Momadul, S.L.

This is a setup program which is used to install the application. The file has been seen being downloaded from dw16.uptodown.com and multiple other hosts.

File name:

asociacionesxl.exe

Publisher:

Grupo Momadul, S.L. (signed and verified)

MD5:

198742cf1bbc88da056531f6589fa4a2

SHA-1:

38eaf095b4675840f2649de96e8394a2cb6ed521

SHA-256:

b6e15915d891a7369ed5cdb28ed7e73463344bac6071d103da30a03dc2fa60eb

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 4:11:31 PM UTC (today)

File size:

12.5 MB (13,151,752 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\asociacionesxl.exe

Digital Signature

Signed by:

Grupo Momadul, S.L.

Authority:

COMODO CA Limited

Valid from:

8/12/2013 2:00:00 AM

Valid to:

8/13/2018 1:59:59 AM

Subject:

CN="Grupo Momadul, S.L.", O="Grupo Momadul, S.L.", STREET="Calle Francisco de Federico, 23 Edificio Momadul I", L=Burgo de Osma, S=Soria, PostalCode=42300, C=ES

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

07516126CEF23F5ABD7FDAAF7C0FD3FA

File PE Metadata

Compilation timestamp:

2/17/2008 7:10:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.0

CTPH (ssdeep):

393216:ZSELsABR/8ae0/lKrVmZI8CufUr3Okqv3ZxibA:MQBR0KtKU65us7qv3Zkk

Entry address:

0x10B9

Entry point:

55, 8B, EC, 81, EC, 5C, 0A, 00, 00, 53, 8D, 85, A4, F9, FF, FF, 56, 33, DB, 57, 8D, 8D, A4, F5, FF, FF, 68, 00, 02, 00, 00, 89, 5D, F0, 51, 89, 45, F8, 53, FF, 15, E8, 40, 40, 00, 39, 1D, 1C, 20, 40, 00, 74, 49, 53, 8D, 85, A4, F5, FF, FF, 53, 6A, 03, 53, 6A, 03, 68, 00, 00, 00, 80, 50, FF, 15, CC, 40, 40, 00, 8B, F0, 53, 56, FF, 15, E4, 40, 40, 00, 3B, 05, 1C, 20, 40, 00, 73, 17, 68, E4, 30, 40, 00, 8D, 85, A4, FD, FF, FF, 50, FF, 15, AC, 40, 40, 00, E9, 4C, 03, 00, 00, 56, FF, 15, BC, 40, 40, 00, 6A, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

3.5 KB (3,584 bytes)

The file asociacionesxl.exe has been seen being distributed by the following 5 URLs.

http://dw16.uptodown.com/dwn/cY2cu0o_dI40BtVMS7_VQ70gMQRwfzsgENiDnNUP8FIJ9diRw9TiI44C-WFYAKDDPNXZ_zIS_Y3L8nfNEyQRgPbgj-wfYZTQkNow5dH3aqNmE17ojPbRKsJ_Itmdmu8B/anFRVFarr3ZHA9DXByLmVXRXLUVUobecnbi1QHVFh7j6BZW6LPLNG0FPVZ19aLKP5AQoV5rfM2RGYiVPmCBExhUx3-eXBtgvNEbJ5B1TEOKEUC9-TBCWWa6RWP7qk6o9/j1IewoaSB35X0Avn4F3Oi63YJlqICn4Of7jS6mvFccH14PwvlOSTbq3WQvsbOhYmywSQBUloCawxhnHYqgIqfqP2jRucnJ6aCkukYauGtA4JgdDLZl09UZczejF0Gjvf/.../recibos-xl-29-05-2015-multi-win.exe

http://dw.uptodown.com/dwn/dPSsTHoI4JQBTYTgzNestuYW-lC0R7Jm-3rvS3IIo86EJK26zph1PQrTQeR_IHYM3NwHR58GxX7r_TvL-L3B-3B2V0kBgZyf1aYGIQlbL7fMgfaZ8Q1H57_0mVz7FCKH/wXfhuBhRFlaQZZ224K6_E56ElwS5iHI7qsLUbC5KhTUp93ik8ksqT4DdBomA47j7VALckiEtbDi-SLa6X2fOSAnZeO1QXUL4H-qMeK0XcHRo7k5YINztG0yriYCPaEY_/jXQ0O53RFPeFEaZNxsjDdVAKavc7ai2tEA-kRUXGl5bjkvr-e_nP90zyEi5VWETb-Nbqg84AKZlLp8EETbWhYcHoP8KBLCVzb1e89i3xHFl-jup1kYTRUuPnuU1fGsKe/.../

https://dw.uptodown.com/dwn/YUfZs3kIik6p2pmD-ilVzS1MTnYNlv6MQ9-RUcY_OZF1mXc-SCqXD_0GyF-vE8u4VyB_DFTRsxRM6BSAGwy7TclCBiZxwfS-cS3whYcvzaAslTxi97-MLut3tlI-24Cj/r5QH3KHCt_rik6HE87VdB_PGEvcDdq6zlmds3gJbwU7s45G4p-beIdO6ebjKdQz_tX7Vcq1d0rA9g9WLKXaRKd68-y2vBmera6Q0nNeuZ7HSQQoO2heOEnCX6_RG3NaO/d0Z8a7-GdKsHB4xtg1EW80uhdoX_sWWtPMsBEBC5gE2xj8gJgrGUHA6BitMl-YstGIFilaYtbK2NPk9j3ewPM49kVWeJGTjbjrs4TPgpj7xXUnvRhbtKD-MS0L4WdC_A/.../

http://dw.uptodown.com/dl/1444848263/.../recibos-xl-29-05-2015-multi-win.exe

http://dw.uptodown.com/dl/1445348563/.../recibos-xl-29-05-2015-multi-win.exe

Scan asociacionesxl.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.