» matroskasplitter.exe
Overview
Analysis
File Details
Programs (2)
Downloads (20)

matroskasplitter.exe

Haali Media Splitter

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dl.cdn.chip.de and multiple other hosts.

File name:

Product:

Haali Media Splitter

Version:

1.11.96.14

MD5:

ff51ccdaa9f86f661a01057ee2db4fc1

SHA-1:

82e55e46a3364f2d3ec392658b66c2eedc9211b8

SHA-256:

b6cc517dec39b1620aec2ba31b420523728391e075e93fa5645fc8944efc1686

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/27/2024 12:40:39 AM UTC (today)

File size:

1.3 MB (1,357,348 bytes)

Product version:

1.11.96.14

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\matroskasplitter.exe

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:hRNjpOnGLsVxH/7HFRGSxSEbrvre5PHn9wq8DWH9PLje0GaB9IgTc3GFPIOnvQ:hdOcsVxhASxrre5PH9wqkKLjZGa9c3qs

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.9945

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file matroskasplitter.exe has been discovered within the following programs.

µTorrent by BitTorrent Inc.

µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version.

www.utorrent.com

12% remove it

Haali Media Splitter by haali.su

Haali Media Splitter is a DirectShow splitter utility. GDSMux/DS Mux included also, a simple mkv/m2ts multiplexer and cutter.

haali.su/mkv

11% remove it

The file matroskasplitter.exe has been seen being distributed by the following 20 URLs.

http://dl.cdn.chip.de/downloads/.../MatroskaSplitter0303.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_es&type=PROGRAM&Expires=1482457553&Signature=IZQKZYBIuhcJNSH1GEo2h2KoIibDADaFIUWXp-VKOABgmPe35l-mfRaUpZItlbiDve0goj-N2Bp2DroPex6ZjQO9kjsOq5cr5krVW08iOdiHYb5r-3D--dnhtGVVw8iNTEVVGn2pNGlu0veO-atQre7lVJuxYpm3Z8qjyEXfWFA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://www.elektroda.pl/.../download.php?id=437460

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_br&type=PROGRAM&Expires=1478062659&Signature=L8CTco8f9UzuR4j-D7I9MqS9mM5jQl29ZBQ71aADzJxcye-xlTynrsIv02QgC8vWf0YaoEbdUO6PO7FwpJRDNGvYX2lWfkxglU9XLxCxJhQ1aEy~aq1RDvcsNsnBkEpi0jGGQQpQYcZ1quklVmenynx9zkdQsly3tlDwjAYKy2c_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_es&type=PROGRAM&Expires=1443765640&Signature=Dgk2rnzxQDv5DT5csrpGWGWHT3gtoe~Wrva-DQ8Ugtu7YWSzLtI1eyU4jbYiGHLgxcRvUNNdICGFZaILTpkhStlSuK29svxHzGnKy99c5w6MmJVzGRKfh-ZlhsozWehk1pxQnl5z-6ZpOjkWPW8OAvIhEabWJ8St3gJ2eHe77sk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://www.afterdawn.com/software/general/.../haalimediasplitter?mirror_id=0&version_id=32776&software_id=778

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_es&type=PROGRAM&Expires=1471401231&Signature=VuMxstieUiiVi1El57lWNT~Q9H5CgvlnAdp7rsfjKnWeasZETn3V7NQtN3GgX6HqDfMig5r~456cQRU-LVv1v-FaEl4O4XW21z36QTs~t5fxMxS4I5J0MH2C3c~8LRODw7nJXtZyqLoXXN8aTRziROGB84ar2vQojq8GkkH8UKA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_en&type=PROGRAM&Expires=1467937204&Signature=Ynq8nD74S4xZFeKaPZMKbdpfEikO71~6mZR3xOE4aROQPKVUplwFRr-TpXKJHjtBhuUJcuNDse9vNZye1rqG-~xxfJotH0arnf1Zn8T2W742aSBFDl7tJCadEyJnmCvnhCu107kLYpNNVn-oO-Ygmmm0RjfC~lqHycM9IRBcakQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_es&type=PROGRAM&Expires=1463830609&Signature=fHApnQqX2Z8LLCm69D0zpJULEbMWmZqpATw2m7Nb0063JuSKcSUxeYdan9f5kvjGqmL6LKDwbMnx06TD9RjJDvqlUCz56ZGkR90yfIeB1SFY-JiW~gkt1lE4dXQCfS27a8FyZOLOZEpaQds1c5A7dpwsAeRSJWewmBjoPIww~EU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://dl1.afterdawn.com/download/b505f195066bc7cb1e85f2a674e7aed8/56ea57d7/.../MatroskaSplitter-03032011.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_en&type=PROGRAM&Expires=1461218607&Signature=RgKHV2mEJS5tbqrPbzkRFD-KicgNihrSbNg54hyElsl-Qap61M-FQtIIXa6aacO12x8mXzQTAEIjWRRNCqoYIfBxWuCZ7zimor8-eYpVZCmFd1tgyzbHqOoYA56Nt7ECIJCmRNYQiAEVAMQX50lTnHSoF6YvdNXd3PODz9Ow9Vc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_es&type=PROGRAM&Expires=1425178802&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=E2r3A0EHIRgbB58fGZyjywjzhdRNePiqe5A6y1jPoPhgidmPziU8Ue0mvwhj2AOQUlazSDn5PikuEsbsiVpu-pqDKmZsG51iVKJ-NtEo~dpJNBlzciL982fWz0jc~gcULDHrb0u2TFdmlAU3SILQ6lz7GAAfgI1HJ1zrNqS~zHc_&filename=MatroskaSplitter.exe

http://download1079.mediafire.com/7fqu4r22xoyg/.../MatroskaSplitter.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_es&type=PROGRAM&Expires=1448001408&Signature=YyK2ccbClFAUxawiD-AY4nCDNYkkicd2enpFPN982q~aIQ2HON-G5kwXTdbzkJaprZpAGCfysQVIPFEgEWuseuVSDG6i9WYC8NovIX9QMGqAnqUM9j0fRScPsXY3Qsod-fOM2sSCR2e5kiGbNpOfTbgNfYPWJtAbW~0eFN7RQI8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://www.afterdawn.com/software/.../download.cfm?version_id=32776&software_id=778&mirror_id=0&installer=0&perion=0&air_installer=0

http://dl1.afterdawn.com/download/82a67d5b8de906f2f3ca29c594f7225a/56aaeffe/.../MatroskaSplitter-03032011.exe

http://gsf-cf.softonic.com/82e/55e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6652977&instance=softonic_en&type=PROGRAM&Expires=1450491211&Signature=Lv8T9VcQamSt96isxkcs9V3CXd~M~LsGXMWPrxA4Fr-loj-Jsbr-9SD7bgaB496p-Tf4YK0HHb5iPpCY16fX0Vy213MGP1~-qoIn2Y6eeSSI3asuqv71LpOFFD6ROqzsWH7D2DJFhcDO4COeht6NvWa6-pb9hv~-dvWI4kuyFdk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MatroskaSplitter.exe

http://dl16.download.fi/download/54c77ceedc854ba621759d6e97f7049a/513cbd47/.../MatroskaSplitter-03032011.exe

http://www.videohelp.com/.../MatroskaSplitter03032011.exe

http://haali.su/.../MatroskaSplitter.exe

Scan matroskasplitter.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.