» empire_earth_i__ii_gold_bundle_download_manager.exe
Overview
Analysis
File Details
Downloads (1)

empire_earth_i__ii_gold_bundle_download_manager.exe

Download Manager

Softdistribution GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from softwarebilliger.download01.com.

File name:

Publisher:

Softdistribution GmbH (signed and verified)

Product:

Download Manager

Version:

1, 3, 3, 98

MD5:

96075a2fb1c5bd9a7bc8ba0b0a617016

SHA-1:

d23b56e37e087ba1b23e3b2a03a72ce192846256

SHA-256:

491c3e6cedae52096ccc655d939b507c0f07857404b56788c1c8eae520eb5a94

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 7:05:10 PM UTC (today)

File size:

1001.7 KB (1,025,752 bytes)

Product version:

1, 3, 3, 98

File type:

Executable application (Win32 EXE)

Language:

German (Germany)

Common path:

C:\users\{user}\downloads\empire_earth_i__ii_gold_bundle_download_manager.exe

Digital Signature

Signed by:

Softdistribution GmbH

Authority:

GoDaddy.com, Inc.

Valid from:

12/2/2014 4:36:59 PM

Valid to:

12/2/2017 4:36:59 PM

Subject:

CN=Softdistribution GmbH, O=Softdistribution GmbH, L=Kirchheim unter Teck, C=DE

Issuer:

CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

045960D4F68E7E

File PE Metadata

Compilation timestamp:

3/3/2016 11:44:34 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

24576:Qknr5uJD3U9vQVIta1t4vQ4O5x1DU+n/x:Qw2k94VItafQEDU+nJ

Entry address:

0x67391

Entry point:

B8, C8, 33, 6C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 44, 88, 63, 59, 44, F1, FB, 33, D4, F6, 12, CD, 75, DC, E8, 08, 5F, 63, 6A, 84, 22, 8E, CC, FB, 4D, BB, D2, 08, FA, 97, 37, 1A, 8E, AF, 32, B6, 49, 1C, 69, D8, E7, A0, 9D, 1F, 5E, 93, 5A, 2D, E5, 27, 25, E7, F8, EC, 31, F0, 7B, B2, CF, 89, CD, 1C, 55, 81, 7F, 21, 36, 99, 76, 8C, C1, 16, 0E, 05, B0, 6E, 92, E2, 1C, 3F, 0B, 55, 24, 49, 35, 7C, E0, 9F, 72, 77, 8D, BD, C8... 
[+]

Packer / compiler:

PECompact v2

Code size:

2 MB (2,052,096 bytes)

The file empire_earth_i__ii_gold_bundle_download_manager.exe has been seen being distributed by the following URL.

http://softwarebilliger.download01.com/request_download.php?id=Y2U2OTQWYJNMYMNLMDNLZDY5YZY2YWVL

Scan empire_earth_i__ii_gold_bundle_download_manager.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.