home

fsx_booster_setup.exe

Achilles Philippopoulos

This is a self-extracting archive and installer. The file has been seen being downloaded from download5.simmarket.com.
Publisher:
FSPS  (signed by Achilles Philippopoulos)

Description:
FSX Booster Setup Program

Version:
4.7.0.0

MD5:
d12f98b6f8d11fa2e9434ac8e45a82cd

SHA-1:
0cdfb9f2c1462f3f038195ff7b9952f866fd70a5

SHA-256:
a481a35e9cc0d58a0103b3f3b518b433af5d1c42e1c0ddc37f623d5ff0cd60cd

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 5:42:21 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PC-Guard
7.1.1

File size:
19.5 MB (20,435,232 bytes)

Product version:
4.7.0.0

Copyright:
Copyright © FSPS

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\fsx_booster_setup.exe

Digital Signature
Signed by:
Achilles Philippopoulos

Authority:
DigiCert Inc

Valid from:
4/23/2012 8:00:00 PM

Valid to:
4/29/2013 8:00:00 AM

Subject:
CN=Achilles Philippopoulos, OU=Flight Simulator Platform Solutions, O=Achilles Philippopoulos, L=Thessaloniki, C=GR

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0194A82811B39693F8AD3E47E5300B4E

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:fVCV+uIzxf3Mw46nsqqFCZ6Dt/cgd05/6r81qiQ92Wz/XbJgb1o:ugN3Mw46nPqFC2H0w81HvWDNgJo

Entry address:
0x83D50

Entry point:
55, 8B, EC, 83, C4, F0, B8, 10, 3B, 48, 00, E8, 28, 2B, F8, FF, A1, 58, 5A, 48, 00, 8B, 00, E8, E4, 72, FE, FF, A1, 58, 5A, 48, 00, 8B, 00, BA, B0, 3D, 48, 00, E8, CB, 6E, FE, FF, 8B, 0D, 78, 5B, 48, 00, A1, 58, 5A, 48, 00, 8B, 00, 8B, 15, 88, 32, 47, 00, E8, D3, 72, FE, FF, A1, 58, 5A, 48, 00, 8B, 00, E8, 47, 73, FE, FF, E8, 0A, 09, F8, FF, 00, 00, FF, FF, FF, FF, 05, 00, 00, 00, 53, 65, 74, 75, 70, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9933

Developed / compiled with:
Microsoft Visual C++

Code size:
523.5 KB (536,064 bytes)

The file fsx_booster_setup.exe has been seen being distributed by the following URL.

http://download5.simmarket.com/pub/.../FSX_Booster_Setup.exe

Scan fsx_booster_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.