consumer.exe

Consumer

RAL DO BRASIL SOLUCAO EM INTERNET E TECNOLOGIA LTDA - ME

This is a setup and installation application. The file has been observed being downloaded from www.funcyclecapital.com and multiple other hosts.
Publisher:
RAL Tecnologia (signed by RAL DO BRASIL SOLUCAO EM INTERNET E TECNOLOGIA LTDA - ME)

Product:
Consumer

Description:
Consumer Setup

Version:
6.4

MD5:
8a8d66c9a8344553a04e685d9900a9b9

SHA-1:
df84d9f0cdbd92bd4039a97071082b987a32c4bb

SHA-256:
69d40954c97b73948c325354aa267fc660e268b05e078c7fe4c9433e7caacaf6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 11:34:17 AM UTC

File size:
33 MB (34,584,496 bytes)

Product version:
6.4

Copyright:
Copyright © 2016 RAL Tecnologia

Original file name:
Setup-Consumer-6.4.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\consumer.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
8/26/2015 9:00:00 PM

Valid to:
8/26/2016 8:59:59 PM

Subject:
CN=RAL DO BRASIL SOLUCAO EM INTERNET E TECNOLOGIA LTDA - ME, OU=TI, O=RAL DO BRASIL SOLUCAO EM INTERNET E TECNOLOGIA LTDA - ME, STREET=AL MANOEL HENRIQUE 256, STREET=Quadra O Lote 14, L=São José do Rio Preto, S=SP, PostalCode=15.056-004, C=BR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008AD957E6533A21FC09B8F437B2F185FB

File PE Metadata
Compilation timestamp:
1/31/2011 2:44:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:maZ/5GLv36OoO1rlOAd9jj5QdLhtoK/GnGDk4kguhhOo4j71:nmLCwr0a9GLhL1kgulkJ

Entry address:
0x1D20

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 21, 40, 00, 68, A0, 1E, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 88, 20, 40, 00, 59, 83, 0D, 54, 35, 40, 00, FF, 83, 0D, 58, 35, 40, 00, FF, FF, 15, 84, 20, 40, 00, 8B, 0D, CC, 32, 40, 00, 89, 08, FF, 15, 80, 20, 40, 00, 8B, 0D, C8, 32, 40, 00, 89, 08, A1, 7C, 20, 40, 00, 8B, 00, A3, 5C, 35, 40, 00, E8, 10, 01, 00, 00, 39, 1D, BC, 32, 40, 00, 75, 0C, 68, 9C, 1E, 40, 00, FF, 15, 78, 20...
Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
4 KB (4,096 bytes)

The file consumer.exe has been observed being distributed by the following 6 URLs.

http://www.funcyclecapital.com/QX_g8UsJYYugyG94zghNepc2ZrU9cV6ATAR3W3pJ9U8g0qR1sf43i6hjp8imcpNucnQz3RJpM1DeE_EJNIcVDILFjohW2D7WgY7hfgMwAlX58C4B nHu4O3z_oCxSceToSp3FItpP1FFQyZC8iWdyNsRgmah8ZnnMuq_IomjrgtmVPM5pqQw342v4TFfrxcMvKObo4bt9FLKBSHiI5jfVdrMBn37KREPfsC7L53KNIia23UYbxo=-Gz0AAMT Jj9uvYjS3DQ9uX586IrAIQfs_4okUAs2xs5xCDbKGzO bKUfBFX9yWBuDGpZ4_XqJO3FN3EMPgA=

https://consumer.softonic.com.br/.../6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPcm9HTkpBqp2QZj2aTww2FLfdm3zjYWMMo5POJUcvsQrePPlYAQCc7CIXW0TrHj6qMIPN6DhrChVg4HswqS3jPrtX4DP U0O4UCK7TP9OAXy deD68CN5NWVV7Bbtb2xQ=

http://www.ranchsendgift.com/q8wA3M01NElW2AQ4jiPlrPm38_i8wV 0pVXe8bzUz96JIwcqNsTCmMB3v4h6JebvOi19Cfm9XmB7XlO9cHwUbQ8VLl Eq225Vrm 5bDAGFg_GIqb7fQKpQN810wKL5IhiU UzQXCgxORuZqIIFQ46rMhIfJTT8XJ_dr6t1VeUgtOK8vlp5nAyZ81X5iaJSIprNQ2mVqLz4HwNqf0tMMXtrhAQi jdJfxPUKzqUA6N70dqYKAPn8=-Gz0AAMT Jj9uvYjS3DQ9uX586IrAIQfs_4okUAs2xs5xCDbKGzO bKUfBFX9yWBuDGpZ4_XqJO3FN3EMPgA=
