home

downloader.exe

Setup Downloader

OOO Yandex

Publisher:
OOO Yandex  (signed and verified)

Product:
Setup Downloader

Version:
0.1.0.13

MD5:
e25ff9fb1bf08fcc139ed5cd61fce826

SHA-1:
ba90b1f9ecbba526ab05a03e20a5fd2c01a2b20b

SHA-256:
8c7372de28eb5567485c4802446c2042fbb9b8a0033fc75a5b35c51da95dfc9b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/20/2024 11:56:41 PM UTC  (a few moments ago)

File size:
126.3 KB (129,336 bytes)

Product version:
0.1.0.13

Copyright:
Copyright (C) 2012 Yandex LLC

Original file name:
download.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\downloader.exe

Digital Signature
Signed by:
OOO Yandex

Authority:
VeriSign, Inc.

Valid from:
2/5/2010 4:00:00 AM

Valid to:
2/5/2013 3:59:59 AM

Subject:
CN=OOO Yandex, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=OOO Yandex, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3769815A97A8FB411E005282B37878E3

File PE Metadata
Compilation timestamp:
3/12/2012 12:03:18 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:xxHhx8lwSSabl4dfjL7lu6mXWU6MX+jQk5Fh:XIwpabKdfjLs6mv4Lh

Entry address:
0x6DC3

Entry point:
E8, 67, 5F, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C, 24...
 
[+]

Entropy:
6.4278

Code size:
86 KB (88,064 bytes)

The file downloader.exe has been discovered within the following programs.

Yandex.Disk  by Yandex
Publisher's description - “Files on Yandex.Disk won't get lost if your phone or computer breaks. You'll have enough storage space for your most precious photos and important documents. Share your Yandex.Disk files with family, colleagues or friends. You control who has access to your files.”
disk.yandex.ru
20% remove it
 
Powered by Should I Remove It?

Scan downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.