» download.exe
Overview
Analysis
File Details
Downloads (173)

download.exe

7-Zip

Mozilla Corporation

This is a setup and installation application. The file has been seen being downloaded from filehippo.com and multiple other hosts.

File name:

download.exe

Publisher:

Igor Pavlov (signed by Mozilla Corporation)

Product:

7-Zip

Description:

7z Setup SFX

Version:

4.42

MD5:

ac133256b440ce5718f683037378321e

SHA-1:

d3b7fe713fabe85f7b6f1725d9e85c6397cc242d

SHA-256:

238c9885f7e7682a53f95725f81f58e6a9d78d5a8a48d073415fb423aa9443fc

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/23/2024 4:52:31 PM UTC (today)

File size:

37.8 MB (39,627,584 bytes)

Product version:

4.42

Original file name:

7zS.sfx.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\download.exe

Digital Signature

Signed by:

Mozilla Corporation

Authority:

DigiCert Inc

Valid from:

9/16/2013 7:00:00 PM

Valid to:

9/21/2016 7:00:00 AM

Subject:

CN=Mozilla Corporation, O=Mozilla Corporation, L=Mountain View, S=CA, C=US

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0511EAF8579E2662BE622DE5AE0CD408

File PE Metadata

Compilation timestamp:

4/17/2014 12:29:40 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:U6GFajtvptibQS9Iy3HIIDRa3FiDQbuAO+AK03m0QgVrhjkDLYoHC0sUg2a1b5:f6Wt6bRSy3LRQFiDQbY7K0W0BXoiTU7w

Entry address:

0x21E30

Entry point:

60, BE, 00, 80, 41, 00, 8D, BE, 00, 90, FE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75... 
[+]

Entropy:

8.0000

Packer / compiler:

UPX 2.90LZMA

Code size:

40 KB (40,960 bytes)

The file download.exe has been seen being distributed by the following 50 URLs.

http://filehippo.com/download/file/.../

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141228235356&nva=20141229115456&token=023e201face76f214eee3&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141205221306&nva=20141206101406&token=0d2aad2d3d508e4b6f121&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://firefox.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaaQpaCllZo=

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141226140409&nva=20141227020509&token=05c7f3d93e510732482a0&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141230094449&nva=20141230214549&token=08d01c746aaf277be2454&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://www.filepuma.com/file/1418456839c7610/mozilla_firefox_34.0.5/.../0/

http://firefox.el.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flp-MpKOjlJg=

https://ftp.mozilla.org/pub/firefox/releases/34.0.5/win32/.../Firefox Setup 34.0.5.exe

http://firefox.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaiJpKCil5c=

http://filehippo.com/download/file/.../

http://firefox.ru.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaiIpZ-ikZ0=

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141213222346&nva=20141214102446&token=014441deb8c3135abfbaa&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141213013523&nva=20141213133623&token=02d5861453f00373d7ece&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141205055845&nva=20141205175945&token=0f68d14c5f3d861d91f2e&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141213204529&nva=20141214084629&token=00e0db5f344206bea97ce&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141218182535&nva=20141219062635&token=086f17ec1d44841c933e7&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://firefox.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaeMnp-kmJk=

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141205162816&nva=20141206042916&token=0097194e663de0fd4decb&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141214150243&nva=20141215030343&token=040ebe4096b5f7416fc90&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://firefox.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaeHoqSmlJU=

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20150114045844&nva=20150114165944&token=005f01adcbb38d558bbac&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://firefox.ro.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaaQo5-fkZs=

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141220222418&nva=20141221102518&token=0c10ec0448435c5bd7fa0&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://firefox.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaeHnp-imJ0=

http://firefox.el.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flp-Jp6Cfl5Q=

http://firefox.ro.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaiIpqWll5U=

http://global-shared-files-l3.softonic.com/d3b/7fe/.../file?nvb=20141216194610&nva=20141217074710&token=0f2560e52ac69b5e4b522&SD_used=0&channel=WEB&fdh=no&id_file=107191&instance=softonic_en&type=PROGRAM&filename=Firefox-Setup-34-0-5_EN.exe

http://firefox.vi.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaeQpqOkmJs=

http://firefox.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flqCIoaKnk5w=

Latest 30 of 173 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.