» dfbhd_demo_020403_xx.exe
Overview
Analysis
File Details
Downloads (77)

dfbhd_demo_020403_xx.exe

Delta Force Black Hawk Down Demo

NovaLogic

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Publisher:

NovaLogic

Product:

Delta Force Black Hawk Down Demo

Version:

1.00.000

MD5:

a0cb8e32708c9af1e932cb978b02304f

SHA-1:

b68c75612cc2339de3eec8730306798cb8fe6a63

SHA-256:

7d673f1f3e153304312af1bcd02be292c051ab4e8da1cf8fbfdb072b68ec818b

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

5/13/2024 7:49:06 PM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

Heur.Suspicious

16516

File size:

132.3 MB (138,742,957 bytes)

Product version:

1.00.000

Original file name:

stub32i.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\dfbhd_demo_020403_xx.exe

File PE Metadata

Compilation timestamp:

9/5/2001 10:02:57 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3145728:1iApsLy+NX7+Yva/6g29wHumZgzaQnj4JWaDp2cXHZUCc4yXSjccY2e:1lCymL+Yi/6g96zaQnjMDXmCc4nj/Y2e

Entry address:

0x8947

Entry point:

55, 8B, EC, 6A, FF, 68, 18, 33, 41, 00, 68, 80, BA, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E8, 31, 41, 00, 33, D2, 8A, D4, 89, 15, 5C, 63, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 58, 63, 41, 00, C1, E1, 08, 03, CA, 89, 0D, 54, 63, 41, 00, C1, E8, 10, A3, 50, 63, 41, 00, 33, F6, 56, E8, E0, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 11, 2F, 00, 00, FF, 15, EC, 31, 41, 00, A3, 24, 8A, 41, 00, E8... 
[+]

Entropy:

7.9979

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

72 KB (73,728 bytes)

The file dfbhd_demo_020403_xx.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1477475378&Signature=bUW6g2MvGR3ckft6tATdZ0QptUAxTb6SEHFnOKwfeMitsk~jyTf781EbrWKDVeBbrdWgTTrPPCLzPH3wFoZEJJmKdsJJP2iy2k0Tfe3Su7OMLNXDAi~ndjmwQRrXNxelw4ropMVHAnwtig7hNl3A2GEEfYc0FzqCeTh~MkrvoSo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1484976312&Signature=Ex5SimTIoO77LvGabXDuvDlDNYd2Auzi9nnkK-G3i5YjTZMAasgK1pp6o6tFHuwCbEzsODhKGySLzjLafUfDSraI5VSxXTPsdTt6jdweLdJ72Sys-IE5pLd1ZpTWzjih50JJT0bbRyHVXEyMfM8fW2RgZgYIO1wa12~gTpOlpSw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1484988147&Signature=PswdaG7wF0hcFQsGnrjPNM6I~3b64ZJZipvXopgD1UHpSc2wIMYOT5q-vL5x6fzr1y4BLiWp1jPxWd7A8BPSl11YpSW0r6O1RXTquRzU25C61TjyhcT0h8SjvkBxCksHWiR5H6Xmz6xhM1tLOmgRZxdqyejbN6NrLftd93jPiCo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://letoltes.szoftverbazis.hu/Wrwm1CH90u0pqnEFiZ08Dg/1483041451/.../dfbhdd_d.exe

http://games.softpedia.com/dyn-postdownload.php/8db4d2ce90fb9c7295705b3197db855c/57a60aac/4f/.../2?tsf=0

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1478484007&Signature=S9RKJvidO9WrHwwsjtFTvba~OBQ5zrfqKpOWio3JiIKN3uCU-KTibSc3tp8eZ-qolYAwMmeSzMxpIwCDGxUKKGyiQT1huXFHUtTIA67veGqFg3lJqt5giMQXsGkmVA0XfHzaRPFZetZjQclWQfJgDcefC3-7rRfvlTKd9-J830o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://windows.indir.com/kaydet.php?x=TVRrME5FQkFRQ0VoSVM1QmMyNHJOR1lsYlRWTnx8fGM3NjgyN2U3ZThiMmUzOGI2OTU4YWIxN2I1NDY1YzMx&m=1

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1479680735&Signature=dN1d0eS3tSNmlJYXohWPrA~Lxh3D0~KduCDqs8ReXrGaOkqgRWn-G2x87IJlF7kgH7NHz~f39xyuVAv5VQU8~D8MNd42QA~1HMheXZ3XEWirRfCce08GfdkOtI~Zy7sDyQa3jgyMVlZ2mdiPkPVPkg6mHJKaq2-6fKNJd83z4a0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1482645179&Signature=GkAKojtgpGdXww2T2LgJfokMrr-DvwMlaK6vq15mI0J8dFhZ4S6wMypyIN8KmcfBQNbMtQALsavGZa3LyWIykAQi9SGjVGtORvT0Tbf15MlKswMO~SAn-gaHIorw7Z17yTkFm3f081AEp-BXfLz~4Py~0iZZWCMRnPHK51f66I4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1469111382&Signature=SZWNrOj76ND8byR6eTVf2q~PXLj2Rxsajnq3vLbz7Rpwec7JKGtTxVSUvN-bhfFYikI-fxJDo7vI~sSwQxmfkKDOwulTNTyjPC4Ptoz4fFKVo9dj3B~WJoBWXwmyX1GgcMwSFJqfH94wkVrt8XkUrVZ2PlBzj4UuYxK1bEO4XC8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1478595700&Signature=g7wbN0O3NkbmANh05RQOL42YI7X8GFKTZQ04bD1PpzwQJBlQc9-qstq69QmurMjMxKR4d5MGsSP2M5ivXd2d~7q~LobPL535v8MNl6mtkDtC0fQNqrN2ma18Rt38RlfNxl-KH1I5Aw2qDQCUlNMUxaRcf9~IXVLMf-0tzU03i9s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1475453506&Signature=aUBC5FzQx0gwORFnk~hPtyhPE1bMBS84AST2QAPyWKN5G2~kWtEAmrOC0p0SJ3xfoWSLiTwUqfTt3GRItIHzgAFL3s-~D-u7YiWE6VrmpdnFr3heNVQVT3YGZ8d0si-khQdT2lfV3SvMT6tARS50zbLxqd1raY4xmvaLytUZiy4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1460088876&Signature=RyCvyZ0B5WJvLuMLKUuRbtJATPIWTNlZnysD8iSZhD1AS5SCFh9re02MnzKhhQl41LiwM5t16ihUNNQTpUdzguiApVido4kMXCzzDyhf4vSpizsvSreUfgUMmOodhPs3egI98zGX43hNnB5DPuswqlZLtxVrSekr0ktH187rWMc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1481541193&Signature=EIYahPHJW28uWyewSO8Ph7mhiVHguQNYytR3H2UqQbVVOzYgTov80gKPcxbYJBGPpjf2MYPowVppz~HDix5RzyQ4m-GJvKLtLPAB27DG7h73b~fzo~cVG5xBivnCrpghXEVC04xR0aKA11AVEXiKaPfbnmvf~1JpW6XmRdLZFqE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1478252296&Signature=S5E79GJPLQgqzwHvtQc3Zq4dhECZJU52mu1rfeIdYExkFYkCnckqT9Z21cfDwxJCqwO6NQXSU1NHWizyKDXneSrYIRY4VgflpZdTVbVk3OS-~zRze9xHaAgZmefJsNvhDU8NyQNMeUDqBB2I5RZjU0h~W9PbUxEilLAmBfthB4I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_pl&type=PROGRAM&Expires=1476924393&Signature=RpfnAiswzGCe5oh0rXGCsHW4ZixoGqvuhrnlK1IBesf2f~BHLEIGNyZx2bCaoVeH4hJW3k4qBZKk9CYSPMyoLxDsqfBaJnRczW7N~Rl3QHcOgM4Ricv3-CxJ4eOzyoStfd8P8rxJwn47UxnOmMaODE2gFkrwrELVT54AZS6WqnE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1476428350&Signature=KkwUPBzN8nBXi82U63lIvvQg1wl0XnnuNOXA-7Du62K4-VxhcRFQiWaW~p0eQ5AdQpgsuuVOzaAgUjLQMGkET0anorzwNAPC9G~KbdW1jvjGVPV74sHkUbeWVRExM1wsvBRkfsuhxaVJR9QlNlbB2ruXn~gXcVWzaQdiXH4ef0Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1477232810&Signature=Lp-LAQCC6~ZXGu7kp-BieHPfeFknnQDyo3IQH5NzYnB9hEeO2a6hGk4pwWYjwUXG3ZT19afdV3WCvRoeWgpXVl6Le4JD2dbdwaWtzmUVe1Rne0NzsCWpidx8wvVLoatTJK-szEeVGfvDEFLmTrGoSYYLMAjaAMt0g9U4VYyRfd4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://www.sharefuncurrent.com/Sj6v3t93v1yEfAaqPXGJYuNk1ZUmEBl9BjXWXCPpjYHSMCtRK1I1W0zaPgjxtDNtrTpPSDWzne794pH4h5s5rBujDVB7yj0G9Hg9HLlMsW1v6jWZEnk_FR_K_sRsQtpZ86y8iNw250FO59ZDHeIsQGiXK0rXTiwxpe3GM_CnB1WMsBka41gfQQk33wCXgeDmWV7XC_pxMt6wiH27r_nCVzrJdUoQ7w e L JZynEA2 8S2R5qoxlsIZ5e06kgzdBjLfb M_zKhICKm4VBXIkqIS5CCKlMCj8DamU8UTt88Opn90ahFRmW0XH4TBtZv35cHbrg_oLAO77Uk4Y1BbbCrRMZ7Q9n_MQb17bLh_k0FhYaxyhW9PfTtVIL2e9Wnxaw1gId4lnCFVYwbznostCTkx5MrYrvg==-GzYAAERPFttPTDY7EwUBOOTA4Su5WQAYbIydKxjUK2tckLg2kKWntX3rNK_ZpzpHCqG AA==-e

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1475113006&Signature=YfnzJARnofHdm8NdA5M1gMqVryJT4SwpDGsfPSj6Y-CaZqkbFtesXW8Dqm2DXALjpTtBR~7Nm6CfhLJS70YdQQgzYRAduJcGfzOWFn1bxTKHibL4-CpERI0OxKxzIm4ItvMAbGGDtgfif4YyanU17YuZ2g8AN1mg9gXE-6IHfXU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1464531935&Signature=JuTCAcNh4AiKFMOXcV9YC9VQUa643bcFg3Owi43KPPO1uZo15bzdlxbtOrAndiB4jmHiG9-SkZLyEGSbqReaJFjCj4ccBn9o2qCHcimOMv~PgYL-Wao~43QWG69s1Rdpx6Q49CV3RTuggMeYaqiPmZlbC4W10R6F7pw4H1aZMD0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1477313397&Signature=IR0AV2NXGV93O4hedsLssM-I6nCjY4qnDGMbnJpu-7jVPtqRHA558lrpJ9dVG8G~pBUtra29dyVD25shWFzWl22vMHhdETWx1pyoT1L7CCSUvm-ZcdK9~M0CRd-H3pKv~jn8NOIkQb5aEwqN9DexxGX7Fscakn6gVPpupCAsjyY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://www.laboratoryguardtours.com/BJZaKithXiPntusRGreeZ1Dakv zavThmxiSWpM0JAOjpV4nhoHW2X7YrACSfPwCHDpnwHufqD3U46userID6ei0Fl8AOhIGudUGfLf2KRLcQH9Ac dgUpTCzfD55C8K6nfzlMQtAF1YoHnA2Y9BQCkXV9ca8QSpkTRagtGoMIs1HPa0ZQNOLNw7GIbb3yjxfQdU2AWLMlsNPHQ_x9qiHxdZdOpNioMZHjIfwKGHGmnO2Gpx_Y_D4gtwTE5cWO7k0 2jxqUILYIxBMvnaEPv0j7evw8JFbED0Lo4McGcs_I_ivYzwg72jl0Ke4rVEt9g7iVPwXQ5e80NgixkGFXxxKB99wktHLIRB9Xy3oHRowXEAzU1w84qXFgQjvXmsGf3s8fhXhbkLCscZHeXPvjddL3SReeX5Q==-GzYAAERPFttPTDY7EwUBOOTA4Su5WQAYbIydKxjUK2tckLg2kKWntX3rNK_ZpzpHCqG AA==-e

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1477363143&Signature=d~kvLNVg8eZ-KC2~xXP5YpHDcsTNAKFo1PNacEmdFhujtVsKJYotIeqV~F3T2J5diCqAApA0OxsIuHO7Rtyo0s1kbIGrr5wOO~IlAGgKqAe~NUNKQGf8nQ7-Y01NMiN~pisNRYJ1nz7jlsbQVOZM1L0Cg9SPcLQUHJRc1p0Lsb4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1475541992&Signature=SsqTEYi7hO5IEHIbaCw6TZhGujsrA1yNeE7wambW7CpPubyCA~bQNSdeI0ydAzxrzpuLX5aXPW46BS0lc5GdBfKxWWKj1UyX-QEurAbQdWa40i2hIEud1GemgyoY8L4VRt1Kh7UzNS~7n2AnGdQygePgVbxAYg9LleG5w7G3vfI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1476105374&Signature=L~H6JnkUD27UsxHOVqYnfPMQ2BlPA-vEsZqEUb7CVpu2Dd4nNYmGEqA6GBG3KVZ72BLioJ-doBGDZCJMK7~ew0ytb-rkiKfDCREI0kOKZdQ7pAnT64QjfoMDER2rMkBp1c4RtbsblucohPlQmX4JjFr9FfXc6BLAcNvOGZvt7jA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1476294355&Signature=Uk2J1bV23BFNh~IUWwEozM8ajwzwHmyWc02cjS1sBvfIB3H51Z1EjJZeNp--s9c9tOb~oAz-Q7T9BR8ZtQRCPYttVnf3OflCGEz4gB1sJtwD1pXLFnqpkbV0uaL4AM0S92RNyNjl4wBfDJrcZcdrJe7oubpylOU9RjRuryiiB0U_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1481091298&Signature=aS4AJ0NgayT-LzNtD3x4bb1mvsQ9eooGh2zGD9t9d6mTL9QjshkRI2o1bnhSJqqx86sFgAkKBimolRbvGkPz5I8cw6pNDdo6~tYFSwb1g0y42gIdtb3YOom51mBfl3iizAJu03J5lAwQrtGOkLcS27boxc0EP7kJMB2pcHDkSlw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_en&type=PROGRAM&Expires=1469542987&Signature=dHWhPNeqb61oR-0LgdEGBOyoKj9nxdjvI~PVxk3DBuRpVScj-a5FdtohLNsss3wMhS1y5kFaLHGw3Jprw2~D15DHlLGm1q12HnnwmySe5rfHIWCqTwE6NVqYmc8wNh7rsRnufyZaP-fXzAdYgB2sIMV72Tli0M1rywvx1bThJGU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

http://gsf-cf.softonic.com/b68/c75/.../file?SD_used=0&channel=WEB&fdh=no&id_file=22223&instance=softonic_es&type=PROGRAM&Expires=1467461887&Signature=WFEjmhZySCJSzhBe3i~4h1KxoFux-de9CHtLjbJdFKA3j5uARE63~uzdKW8SB1gG423eeo8NzUUUO59pWIOARfYffYNG~3jbgoXRPio~EEBA3txtMP36BJ4~mZvwmPYJ755FGJcjZj-mFhpX3EGi3CtbkuUsGb-HskpfdazFnUA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dfbhdd_d.exe

Latest 30 of 77 download URLs

Scan dfbhd_demo_020403_xx.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.