luxor_2_setup.exe

MumboJumbo

This is a self-extracting archive and installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
MumboJumbo  (signed and verified)

MD5:
e56d0559f7eac7a620542c1e4e6e4078

SHA-1:
d73f3413b7ee530eab774037abc0190ed83e9eb1

SHA-256:
33b1b756265c2be144e512390394406a17a6e0dca85e2895c27b77c39fd0eda3

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
5/2/2024 8:00:53 AM UTC  (today)

Scan engine
Detection
Engine version

McAfee
Artemis!E56D0559F7EA
5600.6623

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.151001

File size:
18.1 MB (19,014,584 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\programs\luxor_2_setup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/9/2005 4:00:00 PM

Valid to:
11/10/2006 3:59:59 PM

Subject:
CN=MumboJumbo, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=MumboJumbo, L=Dallas, S=Texas, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
27CC86C823555D98D2770F3AFC657DD9

File PE Metadata
Compilation timestamp:
2/7/2004 9:26:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:OXd34yykm5KHNizWuTzoocln0DppLhzjq55GGucozNegue:OX14FrKUOJ0DHhzjKHqNegn

Entry address:
0x3F88

Entry point:
83, EC, 0C, 53, 55, 56, 57, C7, 44, 24, 10, 70, 92, 40, 00, 33, DB, C6, 44, 24, 14, 20, FF, 15, 2C, 70, 40, 00, 53, FF, 15, 84, 72, 40, 00, BE, 00, 54, 43, 00, BF, 00, 04, 00, 00, 56, 57, A3, A8, EC, 42, 00, FF, 15, C4, 70, 40, 00, E8, 8D, FF, FF, FF, 8B, 2D, 90, 70, 40, 00, 85, C0, 75, 21, 68, FB, 03, 00, 00, 56, FF, 15, 5C, 71, 40, 00, 68, 68, 92, 40, 00, 56, FF, D5, E8, 6A, FF, FF, FF, 85, C0, 0F, 84, 57, 01, 00, 00, BE, 20, E4, 42, 00, 56, FF, 15, 68, 70, 40, 00, 68, 5C, 92, 40, 00, 56, E8, 9C, 28, 00...
 

Code size:
23 KB (23,552 bytes)

The file luxor_2_setup.exe has been seen being distributed by the following 9 URLs.

