nsdownloader.exe

Norton Download Manager

Symantec Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from lcdls.symantec.com.
Publisher:
Symantec Corporation  (signed and verified)

Product:
Norton Download Manager

Version:
5.0.0.64

MD5:
3b2018b905be2e10d0ce6dc2d182c0bf

SHA-1:
960f374be6d6d6fa813e0f51659819f57f2cf06e

SHA-256:
ed27c9faabddda78f5db930e3469cf08a208919427ec50e442b678acbadb2763

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
3/16/2017 1:49:49 PM UTC  (six months ago)

File size:
1014.2 KB (1,038,544 bytes)

Product version:
5.0.0

Copyright:
Copyright (c) 1997-2014 Symantec Corporation

Original file name:
fsdui.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\nsdownloader.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
11/18/2013 7:00:00 PM

Valid to:
11/16/2014 6:59:59 PM

Subject:
CN=Symantec Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Endpoint Protection & Productivity, O=Symantec Corporation, L=Culver City, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2BBAF83D7BEDD958309D62B93EE41074

File PE Metadata
Compilation timestamp:
9/9/2014 8:37:23 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x1000

Entry point:
B8, A0, A5, 89, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 25, 8E, E5, 81, 2F, 42, 91, C6, DC, 5A, A9, EC, 1A, 83, A3, C6, D5, 75, FF, 78, 08, 11, A0, C4, 63, 48, F6, 8C, C5, 53, 2C, C9, B3, 5A, BD, CB, D7, 24, CA, B4, 27, 43, 39, 9A, D5, 92, 11, CD, 88, 30, A6, EF, 67, 97, D8, B5, F7, B5, FD, 28, 59, CB, E9, 38, 4C, A9, 2D, 4B, 17, 1B, 5C, CB, 67, 42, D6, 33, 90, 7E, 34, A7, 20, 5E, D3, BD, 56, 85, D4, E8, A0, 0F, E8, D8, AD...
 
[+]

Entropy:
7.9523

Packer / compiler:
PECompact v2

Code size:
2.2 MB (2,299,904 bytes)

The file nsdownloader.exe has been seen being distributed by the following URL.

http://lcdls.symantec.com/767266912/AH4 6p2RKZWGAWLS0Q7P4/RxglnAAAU7CD9qvA/.../NSDownloader.exe