diffractorsetup.exe

Zachariah Walker

The program is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. The file has been observed being downloaded from www.diffractor.com.
Publisher:
Zachariah Walker  (signed and verified)

MD5:
25e9aab4de42f2244ee2142d7943511b

SHA-1:
99051e29783a3f9a05d21783978a8ee2770862b5

SHA-256:
61e6ba8cb8a520b5c0e9d2e511089775bb7743a9fcb7f86c7b6a9cfe82c8fd70

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:51:20 AM UTC

File size:
7.8 MB (8,131,040 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\diffractorsetup.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
2/27/2012 6:00:00 PM

Valid to:
3/4/2015 6:00:00 AM

Subject:
CN=Zachariah Walker, O=Zachariah Walker, L=Prague, C=CZ

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0640DF976321F1DECE75BBA3EB207858

File PE Metadata
Compilation timestamp:
12/24/2013 11:01:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:kWzIPV/iH8baGrsLhwtsZ3XkEEWmC9MdTOM5X5JN:kWzw1/pEwtsxSWBMxOsX5JN

Entry address:
0x3219

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 08, A3, 98, 37, 42, 00, E8, AD, 2D, 00, 00, A3, E4, 36, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, A0, EC, 41, 00, FF, 15, 64, 71, 40, 00, 68, E4, 91, 40, 00, 68, E0, 2E, 42, 00, E8, 57, 2A, 00, 00, FF, 15, B0, 70, 40, 00, BD, 00, 90, 42, 00, 50, 55, E8, 45, 2A...
 

Entropy:
7.9991

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file diffractorsetup.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation, the user is in some cases presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 

The file diffractorsetup.exe has been seen being distributed by the following URL.
