home

qqdownload_setup_47_769_400.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from xf.qq.com.
MD5:
d5cca0ad498c339b141d284f41541f73

SHA-1:
a98ea6e4a06131edb25df9ceaec9cfb6a4a70da7

SHA-256:
fae5341bbcecda35a56b04bedb278472e50dd7a46391ed952f07fb07f5fa0644

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 6:43:55 AM UTC  (today)

File size:
10.1 MB (10,629,886 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\qqdownload_setup_47_769_400.exe

File PE Metadata
Compilation timestamp:
9/9/2009 9:23:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:AOhwK1GWBBdRuLwGVH8nk86PAF6n3C3v6vZM8sdmdqArsn8rg8/oU7wB69OOtiC3:AO1kOTRuLwc8kAMS/6hDHqAI8EqlsBWp

Entry address:
0x28A000

Entry point:
68, 20, FB, 17, 00, 5B, 68, 18, A0, 68, 00, 5F, BA, C4, 06, 00, 00, 31, 1C, 3A, 83, EA, 02, 83, EA, 02, 75, F5, C8, 86, 16, 00, 20, FB, 17, 00, 20, FB, 57, 00, 6B, CE, 17, 00, B8, 80, 88, 00, DE, 79, 88, 00, 20, 4B, 15, 00, 21, FB, 17, 00, 40, 7B, 57, 00, 0E, 74, 57, 00, 1C, 74, 57, 00, 0C, 88, 17, 00, 0C, 74, 17, 00, 1A, 74, 17, 00, 40, 93, 17, 00, 0C, 74, 17, 00, 1A, 74, 17, 00, 20, FB, 17, 00, 20, FB, 17, 00, 20, FB, 17, 00, 20, FB, 17, 00, 20, FB, 17, 00, 20, FB, 17, 00, 20, FB, 17, 00, 20, FB, 17, 00...
 
[+]

Entropy:
7.9910  (probably packed)

Code size:
25 KB (25,600 bytes)

The file qqdownload_setup_47_769_400.exe has been seen being distributed by the following URL.

http://xf.qq.com/.../lastest21589

Scan qqdownload_setup_47_769_400.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.