» ccsetup515.exe
Overview
Analysis
File Details
Downloads (624)

ccsetup515.exe

CCleaner

Piriform Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from fs33.filehippo.com and multiple other hosts.

File name:

ccsetup515.exe

Publisher:

Piriform Ltd (signed and verified)

Product:

CCleaner

Description:

CCleaner Installer

Version:

2.0.0.0

MD5:

bb3219ebc560b80551f94bfc70ea60c2

SHA-1:

8b1f53a9e0ffb090032a69312b1bc1121cb97601

SHA-256:

9a2215f596248a2206fcf8b60830cd32e28533a6a010e36667904ec6b88576e5

Scanner detections:

2 / 68

Status:

Clean (2 possible false positive detections)

Analysis date:

4/19/2024 10:34:05 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Bundled.Toolbar.Google.D potentially unsafe application

8.0.319.0

Reason Heuristics

PUP.Bundle.Toolbar (M)

16.11.11.1

File size:

6.5 MB (6,837,784 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\ccsetup515.exe

Digital Signature

Signed by:

Piriform Ltd

Authority:

Symantec Corporation

Valid from:

8/12/2015 2:00:00 AM

Valid to:

10/11/2018 1:59:59 AM

Subject:

CN=Piriform Ltd, O=Piriform Ltd, L=London, S=London, C=GB

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

4B48B27C8224FE37B17A6A2ED7A81C9F

File PE Metadata

Compilation timestamp:

2/24/2012 8:19:59 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

196608:COyWNqOdZbh8uchCHSg0fRANQEIA/6HpG:CUq22wR0fRgQEIO

Entry address:

0x39E3

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

28 KB (28,672 bytes)

The file ccsetup515.exe has been seen being distributed by the following 50 URLs.

http://fs33.filehippo.com/3433/.../ccsetup515.exe

http://fs40.filehippo.com/9878/.../ccsetup515.exe

http://filehippo.com/download/file/.../

http://www.bitstagcontent.com/ojCR6Jw5jV0bATMit2DJhEVEsOJzS7ZO0fZj1PHlozoCvg74sBlPjEITPzRNGs6ng rpDtjDa H_KvYHfP_8NkXEi8ck_Uk5ieWT8GJHyJMymqpcU1Ee1iRpQT3w1s7Gd7tyf1cLITAmNmQzrrQzDKrWN7o5Rh F NJYJHvmj9JF3r1R1TnJ6YHRgUg79COKe0a lylT-G14BAGSZzbbpuiEJ3hdX4KAm8Lru9KD87f A347XJIWpbnUwkDigHInHq jyDJO2a91fhIKAbACLYIOz_1PccY9whjmT_BFYcCl5YrF54N307Sk6TdtPJKtyT_ZGvdmy0HtT9a2Hm4kOTzb2iE3h1uodCfJdv6O7qZ14MdrWydHW8e3D_vmYXtHP24_n50eXjW4f70TAG4b3P8qZDYnAg3uF9Hgvv8p8sMkibZdX9Na3XALjkvQz_x 73c WKayBpZzjnc3g940tWtQylp_JobkJ75 LdNaFFIERCF9iA6086JNElXSkI3EmJ1CyJwDoFGQpUTNgzVtksYLgJwB

http://lb.cdn.m6web.fr/d/c/a/d6b12af178b379412135aeceaf7083c2/56f2e435/soft/.../ccleaner_5-15-5513_fr_14492.exe

http://filehippo.com/de/download/file/.../

http://filehippo.com/download/file/.../

http://fs34.filehippo.com/2219/.../ccsetup515.exe

http://filehippo.com/es/download/file/.../

http://filehippo.com/fr/download/file/.../

http://fs40.filehippo.com/7802/.../ccsetup515.exe

http://filehippo.com/fr/download/file/.../

http://filehippo.com/download/file/.../

http://www.bitstagcontent.com/ZXeiKjZh7UoyALUNY7vHI9rqBQQDP9JtXzXuejHs2g3iaPBx2FxoQH3aQ_urULw7mNdUH 00M043DHsUJlvpZ7NUNLr0ZUxUA8INLDeWyvpx2LwPWcbG4EV YVlwAat4xINLP_oQqkByISJnZ2lvZ3i6hUqztaaCIHDFl_lm_QwYugyfuK6FRj9OQzwTUUxJ8u4vC5Nj-G14BAOTHvPd26m5pX6DBDvShdFx3elD 9n_fAb8dkqSCluZSSyQOKD1ZaCb8sBtRyn0_OwnFDkjBbaXt8Nz8VGXcI6Ts9Am qR0GpoB37vng3SQs2vAbNh7R1vgfbY3SdFH6PF7berhh6PBsawfdHG4RLpaCbOfv6G7SFzNa2zo52jq fdiXD9s74nH7 ez08Koh 9e7wEBoQ_a_KppNh3BD9qtV81PZh0gq2nZNH9byplsMjHH9zJ_3fmdlEeoaVgCADzclTYJfg1zX8rQYkp Y_msR1gQjznnPiMIkSqUZMY4ZTi0F7bUMxhkTvRVUKAdOgwUhJPM WskJDgE=

http://filehippo.com/download/file/.../

http://ftp-stahuj.centrum.cz/dl/1e8b2b0fb9d4967064eca48c1d78baae/56e579ce/stahuj/download/software/secured/c/ccleaner/5155513/.../ccsetup515.exe

http://filehippo.com/download/file/.../

https://doc-0o-c8-docs.googleusercontent.com/docs/securesc/hdvalon3tg6bio0mkcaej60unp8u1fi5/2ijcjciapknbi0e9k17hnomin0in0kip/1479823200000/.../01615517811904857533/0B71xaq0YzhntdXZicnZ6a2piWnM?e=download

http://fs41.filehippo.com/7699/.../ccsetup515.exe

http://dw.uptodown.com/dwn/TwagBGU7EBwOAqYsNkDNZlXovlnI27_5j94e2neFIg6OwLjWhFb683lMBQF_G-pzb5wi5K_HxZ2ctwABwN7bJRhtZYOttZbVPIyjXagDRyttY2yR4Bal8TGcOEtxvLl9/s9grSZSYNVYUMhfqtGHpJ2OUa2yf9I1yjybpYUtxHE2Fo9hCs2Cvt3brhnkM3JXHN_cjGzhlvbxGu0Zd59RQUPRakyHV9y8ZEmY24rhj4zUyDlwk9cwM4r2yBT9dsTKY/.../

http://www.bitstagcontent.com/u10B1h 0zA_xovM6iUdQrfLuiQOrYOw 4wJwJa_VNDxlw_lcFdRn5kErusq3apqVq8auLWiyv kMhvE471Weu5V9_fUgIfPx_nirHz6_86VFOshT6hcdfW0oI6J qBBQzz2gcKhttQJtnehUnMvy 2E7ZRwKbjMKH7 dOD8dEV7lzt1im7CTWE7bz3n9l8f6ldkmgan9-G14BAGRZLn v7kebEHTiXrWD6brTg_K3__sO O2QJBW0NJdaInFA6clCM GH3YhS5f10EooOeMHQUTg8j3 cMu4RWkf6BN 4CEEYkFH6fPBuyBdh_ptvPLKt_p9tdeW4qH3Vr2093Ah2eLa1w24Ot7hUS0G283d0N_g67ta2To62jm8f9vXD9o563H4 Oz28Cvj 9S4QkAK _ XYbDqGAd93VuMfJz5EUtG2G_t8LW 6RSUJ9DN_3vud6kXu1tAAAD7c1OWQZ2uQ3Vo1FkPyk9h_LfI1NEIUIqc4IUIChWRVoklkNrEoC6ENFXEhwKLOMCtiY1NQhQXkseBEBg==

http://fs34.filehippo.com/8197/.../ccsetup515.exe

http://fs31.filehippo.com/6616/.../ccsetup515.exe

http://filehippo.com/jp/download/file/.../

http://filehippo.com/download/file/.../

http://www.download.fi/.../download.cfm?version_id=108781&software_id=789&mirror_id=0&installer=0&perion=0&air_installer=0

Latest 30 of 624 download URLs

Scan ccsetup515.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.