f9l1101v2.exe

Belkin International, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from cache-www.belkin.com.
Publisher:
Belkin International, Inc.  (signed and verified)

Version:
2.6.1.8350

MD5:
a42b09ab2172d454921afcf61e157ae4

SHA-1:
225e086691c2722370c22cd4ba054f6d2f188bcb

SHA-256:
37e4615b8277ea0c627e06e409486acfc364323b9a58ce20b6cde0ec1ce7cabc

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/26/2024 1:59:52 PM UTC

Scan engine:
NANO AntiVirus

Detection:
Trojan.Win32.Agent.bdoxye

Engine version:
0.28.0.57630

File size:
24.9 MB (26,114,128 bytes)

Product version:
2.6

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\downloads\f9l1101v2.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/22/2010 8:00:00 PM

Valid to:
4/22/2013 7:59:59 PM

Subject:
CN="Belkin International, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Belkin International, Inc.", L=Playa Vista, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E0BD9E62F30FC8D68C7026708BD76E0

File PE Metadata
Compilation timestamp:
1/20/2012 12:50:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:BZFZUvvx7SYDSfIpqu9AEuBBavkDZgtsncsDSzdBU2I2m136D45557/gDXrO7E/2:FkPD58dTykyGWIcm1d5ngXO7WI

Entry address:
0x33685

Entry point:
E8, 2B, 3E, 00, 00, E9, 17, FE, FF, FF, E8, 3E, 1A, 00, 00, 8B, 4C, 24, 04, 89, 48, 14, C3, E8, 31, 1A, 00, 00, 8B, 48, 14, 69, C9, FD, 43, 03, 00, 81, C1, C3, 9E, 26, 00, 89, 48, 14, 8B, C1, C1, E8, 10, 25, FF, 7F, 00, 00, C3, FF, 74, 24, 08, FF, 74, 24, 08, FF, 15, EC, 50, 44, 00, 85, C0, 75, 08, FF, 15, 5C, 50, 44, 00, EB, 02, 33, C0, 85, C0, 74, 0B, 50, E8, 46, 01, 00, 00, 59, 83, C8, FF, C3, 33, C0, C3, 8B, 44, 24, 04, 66, 8B, 54, 24, 08, EB, 07, 66, 3B, CA, 74, 11, 40, 40, 0F, B7, 08, 66, 85, C9, 75...
 

Entropy:
7.9963  (probably packed)

Code size:
270 KB (276,480 bytes)

The file f9l1101v2.exe has been seen being distributed by the following URL.
