home

connectifyinstaller_5.exe

Connectify

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Connectify-Installer’. The file has been seen being downloaded from www.ex.ua and multiple other hosts.
Publisher:
Connectify  (signed and verified)

MD5:
66d77486462b9f52755ab0cdeb7def16

SHA-1:
440ffd195f2bccb9c116f9f3ad801b0fec7c31c5

SHA-256:
f7d9641a425a9b6e643f8d7f4f50bbbce5202a6ae209c7cf0e1e6917ff2dd356

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/23/2024 8:20:09 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
JS:Malware.OddJS!5.3E
23.00.65.131224

File size:
7.4 MB (7,797,992 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\connectifyinstaller_5.exe

Digital Signature
Signed by:
Connectify

Authority:
VeriSign, Inc.

Valid from:
7/24/2013 2:00:00 AM

Valid to:
8/24/2014 1:59:59 AM

Subject:
CN=Connectify, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Connectify, L=Philadelphia, S=Pennsylvania, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71844350E30B64B59FD6BEC66B063550

File PE Metadata
Compilation timestamp:
12/5/2009 11:53:18 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:d9uFZj2AELqVfEADUbxfVnj8Gm7ksMiPJEP0VpyU:fE0kspbzjbXiPJ9KU

Entry address:
0x36A0

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 88, A7, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 53, FF, 15, 88, 82, 40, 00, 6A, 08, A3, B8, 63, 42, 00, E8, EE, 2E, 00, 00, A3, 04, 63, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, B0, 0C, 42, 00, FF, 15, 58, 81, 40, 00, 68, 10, A8, 40, 00, 68, 00, 5B, 42, 00, E8, F4, 29, 00, 00, FF, 15, B0, 80, 40, 00, BF, 00, C0, 42, 00, 50, 57, E8, E2, 29, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Connectify-Installer

Command:
C:\users\{user}\appdata\local\temp\{random}.tmp\connectifyinstaller_5.exe


The file connectifyinstaller_5.exe has been seen being distributed by the following 29 URLs.

http://www.ex.ua/.../95842397

about:internet

https://dw.uptodown.com/dwn/nda2dPdeJ1HN7Xc8Fw3m-c6-p39-iVu1dNuYa4Eq7T-u_jiYNQi2pM1Yrcuz6BuXpiO2t314TwNjov450qQxeSkjTjl1je6mRWSPmEz74FSipazXS0QEaMElm3zHDLIR/_OTH07qbgbBDf-tmsAW_KGsfzvhsmFI5846yoMsYzq3zfO01TQHFTH8w_nvw68ROF65Xt8ihjDgz8G30XJ67c4lyCyvXQXqsquVnhtvaDTzsn56ncmO0xks_yN0dzP2a/NTWPWsWvYK6q7U30utP5Zg5r_lTTEn2OZQ0mNxOVHXIjdps_m9ELpIqVw3XNsmYc2P58p3ekNKIo1mPVJBp50SxgE534BJbnzth4dCIAI6UJZDKl11jUdP4hAFViHLqA/.../

http://www.techspot.com/downloads.php?action=download_now&id=4899&evp=85b09b335c2e99db6bf73962b2210f0a&file=1

http://es.kioskea.net/download/.../descargar-8257-connectify

http://downloads2.connectify.me/?src=banner

http://download.softobase.com/Connectify_Setup.exe

https://ugmdcw.bay.livefilestore.com/.../ConnectifyInstaller.exe

http://download2156.mediafire.com/aw7ccn6c0j8g/.../connectify 7.2.exe

http://files.jalantikus.com/dde/1057/.../ConnectifyInstaller.exe

http://downloads2.connectify.me/?src=&_ga=1.174819618.1443766548.1389647023

http://download1us.softpedia.com/dl/86b5977ef53e9d54ade7955af8ff7b13/52c6e45f/100145907/software/.../ConnectifyInstaller.exe

http://downloads2.connectify.me/ConnectifyInstaller.exe

http://downloads2.connectify.me/?src=src:dispatch_,ref:banner_upgrade

http://downloads2.connectify.me/?src=&_ga=1.81918292.311797215.1390855286

http://downloads2.connectify.me/?src=liteplusemail

http://downloads2.connectify.me/?src=src:undefined,ref:banner_upgrade

http://downloads2.connectify.me/?src=awcn

http://downloads2.connectify.me/?src=&_ga=1.159899582.245124428.1389361118

http://download1uk.softpedia.com/dl/b49ca76e1b65364854abba19a9a776ee/52c90082/100145907/software/.../ConnectifyInstaller.exe

http://www-usw2.connectify.me/

http://biblprog.com/go.php?site=http://.../ConnectifyInstaller.exe

http://downloads2.connectify.me/?src=&_ga=1.176258529.573390545.1389920087

http://downloads.connectify.me/ConnectifyInstaller.exe

http://downloads2.connectify.me/

https://doc-04-a4-docsviewer.googleusercontent.com/viewer/securedownload/26vc2or2d926rk1coldisu88g2o6ubl6/ul6kmmdcngldta16qtdeeh78qhq3k5ro/1389463200000/ZXhwbG9yZXI=/.../MEI2eFdPZFVESlNkX1QwZFFVRUZQUmt4RVUwMA==?a=dl&filename=Connectify Hotspot Plus Dispatch Pro 7.2.1.29658 Final.rar&sec=AHSqidaKuQuh9eK5r2ykB9VwYysAhF0ASNkKeWvQz_Qe3RsWQwNwc54d0-0aal0QCCVM6n1n_VSl&rel=rar;r2;ConnectifyInstaller.exe

http://downloads2.connectify.me/?src=&_ga=1.17476091.374994375.1389630613

http://dl.cdn.chip.de/downloads/.../Connectify721Installer.exe

http://downloads2.connectify.me/?src=

Scan connectifyinstaller_5.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.