home

explorerxpsetup.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
c8e4b928cc4152cbbc0cc04a8714f543

SHA-1:
2a591ada5621c239240814f7f5c7f0a44ab37963

SHA-256:
e3f1d9c064096db9743e6997756ec18faad1a8337197a525b1cf314b0adc9d90

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 6:27:09 PM UTC  (today)

File size:
410.3 KB (420,137 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\documents and settings\pc2\mes documents\downloads\explorerxpsetup.exe

File PE Metadata
Compilation timestamp:
8/26/2005 8:18:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:KEDBRx/8bSW9NKzmVWPd7/D35cPIwEXHwVf8qbaRRqkv7w9Swruw5134CUHpRnBK:7h8j9xWP0PDEmf8oqYSquw5J8HLc

Entry address:
0x3174

Entry point:
83, EC, 20, 53, 55, 56, 33, F6, 57, 89, 74, 24, 18, BD, 38, 92, 40, 00, 89, 74, 24, 14, C6, 44, 24, 10, 20, FF, 15, 30, 70, 40, 00, 56, FF, 15, 80, 72, 40, 00, 68, 28, 92, 40, 00, 68, 20, 3B, 42, 00, A3, D0, 43, 42, 00, E8, C0, 27, 00, 00, BB, 00, B4, 42, 00, BF, 00, 04, 00, 00, 53, 57, FF, 15, 58, 71, 40, 00, E8, 79, FF, FF, FF, 85, C0, 75, 24, 68, FB, 03, 00, 00, 53, FF, 15, AC, 70, 40, 00, 68, 20, 92, 40, 00, 53, E8, 9A, 27, 00, 00, E8, 59, FF, FF, FF, 85, C0, 0F, 84, 46, 01, 00, 00, BE, 00, A0, 42, 00...
 
[+]

Code size:
22 KB (22,528 bytes)

The file explorerxpsetup.exe has been seen being distributed by the following 9 URLs.

http://gsf-cf.softonic.com/2a5/91a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=32969&instance=softonic_en&type=PROGRAM&Expires=1478616824&Signature=aLzxCommvdYNHwrZclgR5QtxSKWqGV3umAcsM7lzu783xsVxDypi3znzwLqV9JtvN3hmRHym1BJPivsXh2tFvf70DKkWBkOTuxh3XIraiNBzBmWno5GM4jarDgQRXwHdQG8tJ5xo3ARBUR5sCYueCVm9poYSD7RQ7MMnUddV7m0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=explorerxpsetupaka.exe

http://downloads.ziddu.com/downloadfiles/.../explorerxpsetup.exe

http://www.majorgeeks.com/index.php?ct=files&action=download&

http://explorerxp.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPxJrO1TsV2ZQoV4i4Pnuvz5BfvcJF5YcB ioRo OYiFZm/.../cPiqBpJ8MN5a6NRwkQVHLB0hYdC8Qee8=

http://files.downloadnow.com/s/software/11/00/35/.../explorerxpsetup.exe

http://www.mk-job.com/upload/.../explorerxpsetup.exe

http://gsf-cf.softonic.com/2a5/91a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=32969&instance=softonic_en&type=PROGRAM&Expires=1443405554&Signature=OkPqCFWnTdkzvjVl1TKYbMuUd~DtgoVZCNFLZMdGiuJR4S67HGfjC0bmFMMBQdKckTjFI0MoIEtXhxl94mdfhf0pd8DFC3J0XG-yTzE3mHfxq1ipehBGQg9XjyOw085qxkDneeHtk4dvq6PoktcqbQvjELkO-XyieIwTnbGrzuM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=explorerxpsetupaka.exe

http://gsf-cf.softonic.com/2a5/91a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=32969&instance=softonic_en&type=PROGRAM&Expires=1444174957&Signature=ZU7BLqZMmNjsRE6bAXJRyYlpvhsm5iOnVuUDo67RPPPsnMyHANYfcTPvA5DNjC-ka51k5r4CtF3lhbJ447qu9QzJ7V4T~nxLITOQtxVg8bAoQqEPtvY1TzaTTij2kygkPlP8z1MpDBf0-3ClO-F7sWyTYiceL5BosRFssEt~ZrM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=explorerxpsetupaka.exe

http://www.explorerxp.com/explorerxpsetup.exe

Scan explorerxpsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.