» immunitydebugger_1_85_setup.exe
Overview
Analysis
File Details
Downloads (19)

immunitydebugger_1_85_setup.exe

The executable immunitydebugger_1_85_setup.exe has been detected as malware by 3 anti-virus scanners. The program is a setup application that uses the Nullsoft Install System installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from debugger.immunityinc.com and multiple other hosts.

File name:

MD5:

b94ff046f678a5e89d06007ea24c57ec

SHA-1:

e01a72a487ac0e2ec02ddfc20fd2994919ef1e9a

SHA-256:

9c15cd47d018ccd99a6c8865baba20134c67061ae0e19232c32ecd0139ccfd42

Scanner detections:

3 / 68

Status:

Malware

Explanation:

This is part of the Crossrider Internet browser extension framework which may modify the user's web browser settings including changing the home and search pages.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:

4/29/2026 6:23:46 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Agent.22749412

7.11.138.204

Reason Heuristics

Threat.Win.Reputation.IMP

16.11.29.13

Rising Antivirus

PE:Malware.XPACK-LNR/Heur!1.5594

23.00.65.14324

File size:

21.7 MB (22,749,412 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Nullsoft Install System

Common path:

C:\users\{user}\downloads\immunitydebugger_1_85_setup.exe

File PE Metadata

Compilation timestamp:

9/8/2011 7:17:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.21

CTPH (ssdeep):

393216:tU0lXeTIj/ZrW8n6MWja0Xja/ggbvNgV1JKp7lZ+HrS4G0Mbnz+BfmxOyoH/5:m0lXAudh6pG0TUzbvKU77urS4gM4O/R

Entry address:

0x407F

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, E8, 18, 57, 00, 00, C7, 04, 24, 01, 80, 00, 00, E8, BC, 53, 00, 00, 53, C7, 04, 24, 00, 00, 00, 00, E8, 27, 57, 00, 00, 56, A3, F4, 07, 43, 00, C7, 04, 24, 08, 00, 00, 00, E8, 6D, 3A, 00, 00, A3, 50, 08, 43, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A9, B2, 40, 00, E8, 51, 56, 00, 00, 83, EC, 14, C7, 44, 24, 04, AA, B2, 40, 00, C7, 04, 24, 5C, 08... 
[+]

Code size:

34.5 KB (35,328 bytes)

The file immunitydebugger_1_85_setup.exe has been seen being distributed by the following 19 URLs.

http://debugger.immunityinc.com/getID.py?hash=cda01a7910e7df34d4e3027d687add9d5ec80d75

https://softpedia-secure-download.com/dl/92a3ca2fb7bed05ae8d2f39eddaf3303/5899003d/100161783/software/.../ImmunityDebugger_1_85_setup.exe

http://debugger.immunityinc.com/getID.py?hash=44b4295afaaa7d9100c1d464dab6e55a966ae97f

http://debugger.immunityinc.com/getID.py?hash=2955752ff50b5619471a75a31c2df78c98704550

http://download.softpedia.com/dl/b9eb09a9e430d0103be3caf5fd60f07a/580ff606/100161783/software/.../ImmunityDebugger_1_85_setup.exe

http://debugger.immunityinc.com/getID.py?hash=2ff916be364fc9373f60e5cb367d0b7e42deacee

http://debugger.immunityinc.com/getID.py?hash=ce638d188f5d4d1e7f4602404978f72b4c635104

http://debugger.immunityinc.com/getID.py?hash=82fed23f696544e47872c072d3826e174f717657

http://debugger.immunityinc.com/getID.py?hash=6a7c9505e47d42cbee90605e8a5d6fc0997b43bb

http://download.softpedia.com/dl/1f7417a8bbe907bff71454250f8fd430/56bdda45/100161783/software/.../ImmunityDebugger_1_85_setup.exe

http://debugger.immunityinc.com/getID.py?hash=ec5ddd4b8fe24d2ef9d9f8db1cdd985c21e06283

http://debugger.immunityinc.com/getID.py?hash=9bdfd57a356ac0bbc60d5c0fcd235579fd10e177

http://download.softpedia.com/dl/42130a9dadb4c693bbf9633377199551/5596021a/100161783/software/.../ImmunityDebugger_1_85_setup.exe

http://download.softpedia.com/dl/f5ca03757eaf72c99798d9963a07b1c7/56cc8673/100161783/software/.../ImmunityDebugger_1_85_setup.exe

http://debugger.immunityinc.com/getID.py?hash=c17157a6728b8495198e2493c717faeb0bfd59c3

http://download.softpedia.com/dl/fd4e4fc47a4aec04cf6cb311235098c9/5539bfe3/100161783/software/.../ImmunityDebugger_1_85_setup.exe

http://debugger.immunityinc.com/getID.py?hash=0c10c2e5b799aed609fe894954da8d61ca84bba5

http://debugger.immunityinc.com/getID.py?hash=af7c49e6b0062db8e35c1a51e88ddde8a845e72b

http://debugger.immunityinc.com/getID.py?hash=8939c9152c6148fcd93af74ed59e498b874e1035

Remove immunitydebugger_1_85_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.