» d85b.exe
Overview
Analysis
File Details
Downloads (35)

d85b.exe

ooVoo

ooVoo LLC

This is a setup and installation application. The file has been seen being downloaded from www.bin.ge and multiple other hosts.

File name:

d85b.exe

Publisher:

ooVoo LLC (signed and verified)

Product:

ooVoo

Description:

ooVoo Setup

Version:

3,6,1,25

MD5:

36fe080530e6d855b2a825bb8b3c663d

SHA-1:

ec81346ab5e238d374e6fc35114458d4d8b1de13

SHA-256:

8c0fc26eac1907cc51f92ac760b110a8327f0da501d96ab80bf189dea0ee6b13

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 6:50:59 PM UTC (today)

File size:

2.3 MB (2,387,520 bytes)

Product version:

3,6,1,0

ooVoo

Trademarks:

ooVoo

Original file name:

ooVooSetup.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\d85b.exe

Digital Signature

Signed by:

ooVoo LLC

Authority:

Thawte, Inc.

Valid from:

7/7/2011 3:00:00 AM

Valid to:

5/31/2014 2:59:59 AM

Subject:

CN=ooVoo LLC, OU=Secure Application Development, O=ooVoo LLC, L=New York, S=New York, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

63BD8898DCCDF686998F18F63F5A136E

File PE Metadata

Compilation timestamp:

1/8/2014 7:31:13 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

49152:pOoyWWyhu6WOGeRN6vQQJBAZucAiMPof7WU/ZahPzuN0HI:R8eRg4Em4c1yKWU

Entry address:

0x4617E

Entry point:

E8, 4B, C7, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 51, 83, 3D, B8, B2, 4E, 00, 00, 57, 0F, 85, 8C, 00, 00, 00, 8B, 7D, 10, 33, C0, 85, FF, 0F, 84, 92, 00, 00, 00, 8B, 55, 08, 85, D2, 75, 17, E8, 8A, 18, 00, 00, C7, 00, 16, 00, 00, 00, E8, 45, 1A, 00, 00, B8, FF, FF, FF, 7F, EB, 74, 8B, 4D, 0C, 85, C9, 74, E2, 53, 56, 6A, 41, 5B, 6A, 5A, 5E, 2B, D1, 89, 75, FC, EB, 03, 6A, 5A, 5E, 0F, B7, 04, 0A, 66, 3B, C3, 72, 0D, 66, 3B, C6, 77, 08, 83, C0, 20, 0F, B7, F0, EB, 02, 8B, F0, 0F, B7, 01, 66, 3B, C3, 72, 0C... 
[+]

Entropy:

7.5385

Code size:

726 KB (743,424 bytes)

The file d85b.exe has been seen being distributed by the following 35 URLs.

http://www.bin.ge/getfilee.php?id=4C085732&access_key=YzNlYjVlNDkzNTExYjllMGZkZDFkMTU2ZjUxZGUzZDRlZDFiZDM2NjBkODFkZmRkZGU5OGU0OGY3MTk1MGE4ZDAx&captcha=363933

http://lb.cdn.m6web.fr/d/c/a/da61c8e9bb5cf4c2deec1e03be94222e/54c37c90/soft/.../oovoo_3-6-5-10_fr_62320.exe

http://software.downloadtree.net/ooVooSetup.exe

http://oovoo.el.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flJ-HpaCmmZY=

http://installs.innovativesys.co/.../ooVooSetup.exe&u={ACE23E49-DA42-4C25-B5CC-0D8F6B8F8DD1}

http://oovoo.el.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-enaGKn6Gjlpw=

http://es.kioskea.net/download/.../download-512-

http://software.thaiware.com/download_url.php?id=10932

http://www.oovoo.com/.../oovoosetup.exe

http://www.commentcamarche.net/download/.../download-34055554-

http://z.getfile137.com/ex/d?z=1052&name=ooVoo&file=http://download.cdn.oovoo.com/.../ooVooSetup.exe

http://188.138.71.194/.../ooVooSetup.exe

http://download.cdn.oovoo.com/.../ooVooSetupBeta.exe

http://oovoo.joydownload.es/get_file/wUia6yjQOMnI2nu1Wf6vCxAt2103NSqiChOxat/Zp7pvuXf14WJwwckPL1XsK7H/.../iHoDjraAOANgYKjayUMK7M3JQpQbOmoCWh0O8TILAl3xOG9UHM3c9z40Ok1CGi u1jJnPQvDpC3YobqfXof1cC3D g2lF4f6YLv2wGkO7h 1CanB8VPsZjdHCaK5tXV2jJ1L NRTsk=

http://www.onedownloader.com/.../oovoo.exe

http://gsf-cf.softonic.com/ec8/134/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=61215&instance=softonic_jp&type=PROGRAM&Expires=1439139370&Signature=QEVBDvogAyt8wfSf-H8onjSBIaWgnsV6qtZtGAPUekom6ad9zO~QlgbS3wvVSSX66GqbDuvGW16f05LIddFLppBF2i886r~dCPw7u~7yJhVLSJEX2IGTcLP8ouiJB9ve9EuhZ6s6RH16enJzhVs8BL7WX8T07OJG5PEuk5iOvRM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ooVooSetup.exe

http://filehippo.com/download/file/.../

http://www.installer-assist.com/.../ooVooSetup.exe

http://www.filehippo.com/download/file/.../

http://oovoo.el.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-enaaQn6CkmZQ=

http://filehippo.com/download/file/.../

http://d7.innovativesys.co/.../ooVooSetup.exe

http://installs.innovativesys.co/.../ooVooSetup.exe&u={A654E5CC-A1A2-43B3-ACAF-65BC20508960}

http://d.innovativesys.co/.../ooVooSetup.exe

http://installs.innovativesys.co/.../ooVooSetup.exe&u={E0AD05F4-723B-4433-AF5B-9497BE077FBF}

http://www.techtudo.com.br/_/software/.../download

http://filehippo.com/download/file/.../

http://down.filepuma.com/files/webcam/.../ooVoo_v3.6.4.16.exe

http://www.filepuma.com/down/1404336578c5527/oovoo_3.6.4.16/.../0/

Latest 30 of 35 download URLs

Scan d85b.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.