home

{dd31026e-b6cc-4940-a0b9-c5083505b2b2}.exe

Panda Security SelfExtrator

Panda Security S.L

This is a setup program which is used to install the application. The file has been seen being downloaded from filehippo.com and multiple other hosts.
Publisher:
Panda Security, S.L.  (signed by Panda Security S.L)

Product:
Panda Security SelfExtrator

Description:
Panda Security SFX

Version:
15.14.2.0

MD5:
2b6ee5aa9957b51c3ae04db144d5e25d

SHA-1:
fb096e8505729b38ef04f88c8a16778b3a38c64c

SHA-256:
d9967e82ce7ca49bbecf1cf4c12d79d0ddb1d581df10d5028fe0b8906b7fd943

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:43:18 AM UTC  (today)

File size:
64 MB (67,080,224 bytes)

Product version:
15.14

Copyright:
© Panda 2016

Original file name:
7zS.sfx.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{dd31026e-b6cc-4940-a0b9-c5083505b2b2}.exe

Digital Signature
Signed by:
Panda Security S.L

Authority:
GlobalSign nv-sa

Valid from:
12/31/2015 8:33:37 PM

Valid to:
4/23/2017 6:56:49 PM

Subject:
CN=Panda Security S.L, O=Panda Security S.L, L=Bilbao, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214E62DF3C5C8A024892338D70DAB89782

File PE Metadata
Compilation timestamp:
2/19/2016 3:40:08 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1572864:+Wd0uBUoaE5cdxQPsu/pUSLfodNhu8jcJQBRR0diJvM:xjLabdd8hjongAFlvM

Entry address:
0x19782

Entry point:
E8, 11, 3B, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 38, 77, 42, 00, E8, 24, FC, FF, FF, 6A, 0E, E8, DB, 1D, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 9C, A9, 42, 00, BA, 98, A9, 42, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 29, F6, FF, FF, 59, FF, 76, 04, E8, 20, F6, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 13, FC, FF, FF, C3, 8B, D0, EB, C5, 6A, 0E, E8, A6, 1C, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 81...
 
[+]

Entropy:
7.9983  (probably packed)

Code size:
127 KB (130,048 bytes)

The file {dd31026e-b6cc-4940-a0b9-c5083505b2b2}.exe has been seen being distributed by the following 20 URLs.

http://filehippo.com/download/file/.../

http://dl.cdn.chip.de/downloads/.../FREEAV_6.1.3.exe

http://acs.pandasoftware.com/Panda2016/FREEAV/.../FREEAV.exe

http://filehippo.com/download/file/.../

http://www.filepuma.com/file/1470439107c11932/panda_free_antivirus_16.1.3/.../0/

http://dl2.filehippo.com/.../FREEAV.exe

http://www.filepuma.com/file/1467913312c11932/panda_free_antivirus_16.1.3/.../0/

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://acs.pandasoftware.com/Panda2016/FREEAV/.../FREEAV.exe

http://lb.cdn.m6web.fr/d/c/a/8450550815cfebd45ff9e87704bc719b/576a5951/soft/.../panda-free-antivirus_16-1-3_en_284260.exe

http://filehippo.com/download/file/.../

http://indir.gezginler.net/i/9850/.../

http://www.filepuma.com/file/1467292171c11932/panda_free_antivirus_16.1.3/.../0/

http://filehippo.com/download/file/.../

https://proxy-nl.hide.me/go.php?u=UI7S63ZXb6TyhFELxPmA4mhzBKsl6IWV4gbsNV409U5N1k29bLm e1lRoWhnR30GzeTf5N42JaTQHOOQLkwBhSY12v0 atn6PGjlOa8eEPtlLvtQPsezkEqZJdPAx7nK&b=5

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://acs.pandasoftware.com/Panda2016/FREEAV/.../FREEAV.exe

Scan {dd31026e-b6cc-4940-a0b9-c5083505b2b2}.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.