» pure13.0.2.558en-gb.exe
Overview
Analysis
File Details
Downloads (13)

pure13.0.2.558en-gb.exe

Kaspersky PURE 3.0

Kaspersky Lab

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from wgtot45.digitalriver.com and multiple other hosts.

File name:

pure13.0.2.558en-gb.exe

Publisher:

Kaspersky Lab ZAO (signed by Kaspersky Lab)

Product:

Kaspersky PURE 3.0

Description:

Kaspersky PURE 3.0 Setup (13.0.2.558.0.420.0)

Version:

13.0.2.558

MD5:

95a00e8bb9d8ee1bd08806c7b4c37801

SHA-1:

d698594a9bf295c3d25ac7fd3f48910137e194f7

SHA-256:

2bc19f1d186f4c6d9f29fe218ce8f4686c35d2d64deef2c1361f0cc704deeae2

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 4:05:05 AM UTC (today)

File size:

180.8 MB (189,632,544 bytes)

Product version:

13.0.2.558

Trademarks:

Registered trademarks and service marks are the property of their respective owners.

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\pure13.0.2.558en-gb.exe

Digital Signature

Signed by:

Kaspersky Lab

Authority:

VeriSign, Inc.

Valid from:

2/15/2012 12:00:00 AM

Valid to:

3/7/2013 11:59:59 PM

Subject:

CN=Kaspersky Lab, OU=Technical dept, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Kaspersky Lab, L=Moscow, S=Moscow, C=RU

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

16E5A775120300FB3419458B40D40834

File PE Metadata

Compilation timestamp:

4/10/2010 1:19:31 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3145728:Ms3LcGiBXDLJ/u3fs1j+DF7DG/jPZhc7Pf6PwIgwbCy7DIoB6ldXITEl8TCZkoHZ:5LDiB/GVF78DZh14IZWoIoBKIjkpwY7v

Entry address:

0x354B

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00... 
[+]

Entropy:

8.0000

Packer / compiler:

Nullsoft install system v2.x

Code size:

25 KB (25,600 bytes)

The file pure13.0.2.558en-gb.exe has been seen being distributed by the following 13 URLs.

http://wgtot45.digitalriver.com/wgt/9B5A4FCEF11DA80C/186F732D339016288B7794061E52AC6A5EEAC26C555FCB46833EAA158BEAA6627D25B42E89F1402D2A0D181FDE10BA2706A6FBF29DCE8D47B1C150D8F214B86E97A693A7BBF30D56/.../pure13.0.2.558en-gb.exe

http://wgtot38.digitalriver.com/wgt/9B5A4FCEF11DA80C/171F14235882A3D34841170D5B9DEF7BD6E4B9979C1583E457B7BF43E12CFCC867A6396D4CA4097978854B85EA34BA52E1D92EC6D25B6B5C3ACBD358704FA6AD4781A3335C347DFA9309FBD662A94FE85C301D4CF6797C8A/.../pure13.0.2.558en-gb.exe

http://wgtot60.digitalriver.com/wgt/9B5A4FCEF11DA80C/171F14235882A3D34841170D5B9DEF7B8D781628AC440EBD8D273C5554AF2095C64DACE8659053AF3A22C632B2EBA74BDA04504DD47B6BC5AFAB867A91558B9ABB6AF6F480B9AAD0871E8EB67680BF338F5DC70B1E40C906/.../pure13.0.2.558en-gb.exe

http://wgtot38.digitalriver.com/wgt/9B5A4FCEF11DA80C/171F14235882A3D34841170D5B9DEF7BEDDF19CF2907C84857B7BF43E12CFCC84FA463328AC7D75A479E7CE1841DE9DF9E5DF5C28673AA6E5DCEF994E3874501207F2D75AF5F20D2620321977727B77D5C301D4CF6797C8A/.../pure13.0.2.558en-gb.exe

http://wgtot38.digitalriver.com/wgt/9B5A4FCEF11DA80C/171F14235882A3D34841170D5B9DEF7BD6E4B9979C1583E404C5B1E89ECD85920569C1ADD45295D95AB7B7FB95C2A51298BC05F52FF47933094EF35BED86579B389AA2B05091F1CB07DF402219F9B2B15C301D4CF6797C8A/.../pure13.0.2.558en-gb.exe

http://wgt.digitalriver.com/wgt/9B5A4FCEF11DA80C/E9C08BD4538CEDB711D1E1B6351ACDDE73BA4108CF0D893C7213B1E2181C7E044B6547133286D5E0351477D5400B36D90BEEF56500EDF3C70A55A1098BBD265297A693A7BBF30D56/.../pure13.0.2.558en-gb.exe

http://wgtot38.digitalriver.com/wgt/9B5A4FCEF11DA80C/171F14235882A3D34841170D5B9DEF7BD6E4B9979C1583E4A03204035D69A291D6AE55CEA27A4EB7E08FF6D960FAE85670A6CA42EEC34D2129D408D784A7C4CEA98F80602B780739A7CCB93CA8E64CD15C301D4CF6797C8A/.../pure13.0.2.558en-gb.exe

http://wgt.digitalriver.com/wgt/9B5A4FCEF11DA80C/848D2212DBC2D52049A7D6CC7B487DAC3E716A25DE9847FD9EDD9D3776F4FB3E49D745CCD0194FF4AF3AB06E8B7C1B44DA6B5C23943037A5C7E451479029D5FB653CF2089D3D1744AA32BDDB890928FBF7BCDCED21E2F27459AD50B1F41E622D/.../pure13.0.2.558en-gb.exe

http://wgtot28.digitalriver.com/wgt/9B5A4FCEF11DA80C/171F14235882A3D34841170D5B9DEF7B3EA845FDF99BBCCC8D273C5554AF2095B46865F66B427F8378FCB819FB28AD1F097CAF7FC7630AA3FF5C0F5372209B4500A4256319FDE6BFFF95826D852E7F5D8F5DC70B1E40C906/.../pure13.0.2.558en-gb.exe

http://wgtot21.digitalriver.com/wgt/9B5A4FCEF11DA80C/80570FAC9FB5A3E5CE18004E00AF4EB3FCB04A25247B79D61BB7300073ACA5C84FA7C8776FCCA4E8BAEDF3A025A5FE7B5AC702413B425F00F7BCDCED21E2F27459AD50B1F41E622D/.../pure13.0.2.558en-gb.exe

http://wgt.digitalriver.com/wgt/9B5A4FCEF11DA80C/848D2212DBC2D5202DC865646F16320458466AAC369FABCA22D1A261E511D921EF7055A51AEB4F75BBB228FC8060B54ED851981CFB26C154CEDD9DE293BDE70A85387C96F7085C1DAEDAA180C53FF810/.../pure13.0.2.558en-gb.exe

http://wgtot38.digitalriver.com/wgt/9B5A4FCEF11DA80C/171F14235882A3D34841170D5B9DEF7BBC852DF423A66683CD230C3B69E1DEC39C0BC2A005C26D8A25C101FC914BCB13C586D30A0AD82C2A0546AB5AB6F753DB47B2238BEB11BA82D8B075E4145CA1615C301D4CF6797C8A/.../pure13.0.2.558en-gb.exe

http://wgt.digitalriver.com/wgt/9B5A4FCEF11DA80C/848D2212DBC2D52049A7D6CC7B487DAC3E716A25DE9847FD9EDD9D3776F4FB3E49D745CCD0194FF45AE33037E07DC7D6DA6B5C23943037A51F954BA2CB7E1110653CF2089D3D17448715B514D935D083F7BCDCED21E2F27459AD50B1F41E622D/.../pure13.0.2.558en-gb.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.