» Orbitdm.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

Orbitdm.exe

Orbit Downloader

GlobalNet Limited

File name:

Orbitdm.exe

Publisher:

Orbitdownloader.com (signed by GlobalNet Limited)

Product:

Orbit Downloader

Version:

2, 5, 0, 1

MD5:

8fe7b96ba1680f423c30d61bf6a76e90

SHA-1:

b2c7daa488dee3f78336ee963aceaf8af9fc07fb

SHA-256:

9469118c947629e8c96b2860e001234cd67e0dfc45608994ec2c40ae1583e067

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/18/2024 11:30:41 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Dropper.Gen

7.11.30.172

Boost by Reason

Optional.GlobalNet

188838

File size:

1.6 MB (1,670,336 bytes)

Product version:

2, 5, 0, 1

Original file name:

Orbitdm.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\orbitdownloader\orbitdm.exe

Digital Signature

Signed by:

GlobalNet Limited

Authority:

VeriSign, Inc.

Valid from:

7/9/2007 5:30:00 AM

Valid to:

7/9/2008 5:29:59 AM

Subject:

CN=GlobalNet Limited, OU=Dev, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=GlobalNet Limited, L=Beijing, S=Beijing, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1EA76C7FDD43A91687A8D12A3A0E2D23

File PE Metadata

Compilation timestamp:

1/2/2008 11:18:47 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:lZt/XHp6sRe7M1cxGYtT+KYAEv3sPjH4aA6acRff04CG0KUJP1vVcTtcTB:xox7geesPjH4aLgKcvVcTtcTB

Entry address:

0xD40E2

Entry point:

55, 8B, EC, 6A, FF, 68, 30, 1E, 4E, 00, 68, 40, 42, 4D, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 3C, F5, 4D, 00, 59, 83, 0D, 54, 8D, 4F, 00, FF, 83, 0D, 58, 8D, 4F, 00, FF, FF, 15, 38, F5, 4D, 00, 8B, 0D, 3C, 8D, 4F, 00, 89, 08, FF, 15, 34, F5, 4D, 00, 8B, 0D, 38, 8D, 4F, 00, 89, 08, A1, 30, F5, 4D, 00, 8B, 00, A3, 50, 8D, 4F, 00, E8, 22, 01, 00, 00, 39, 1D, 70, 56, 4F, 00, 75, 0C, 68, 70, 42, 4D, 00, FF, 15, 2C, F5... 
[+]

Entropy:

6.3340

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

888 KB (909,312 bytes)

Windows Firewall Allowed Program

Name:

C:\Program Files (x86)\Orbitdownloader\orbitdm.exe

The file Orbitdm.exe has been discovered within the following program.

Orbit Downloader by www.orbitdownloader.com

Orbit Downloader is a download manager for Windows that has the ability to grab and download embedded Flash Video files from sites like YouTube, Dailymotion, Metacafe, etc.

www.orbitdownloader.com

22% remove it

Scan Orbitdm.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.