» qt16.exe
Overview
Analysis
File Details
Downloads (8)

qt16.exe

QuickTime for Windows

Apple Computer, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from software.oldversion.com and multiple other hosts.

File name:

qt16.exe

Publisher:

Apple Computer, Inc.

Product:

QuickTime for Windows

Version:

2.1.2.59

MD5:

bf7b29f23c57ea8de26f57d8099ce261

SHA-1:

6de0fa89280bfbe003570ddf70429eecfe8365ff

SHA-256:

fe56fc8e421dd186a8367bc5ba690db4e54ff166e7a5e11ad777bd9fcca5a836

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 9:06:06 AM UTC (today)

File size:

1.9 MB (2,037,248 bytes)

Product version:

2.1.2.59

File type:

Executable application (Win64 EXE)

Language:

English (United States)

File PE Metadata

OS version:

10.59729

OS bitness:

Win64

Linker version:

11.0

CTPH (ssdeep):

49152:Bh6+qWSgpYItBepfxlB0zMraA9JCQkLhz:Bh6t45t4pfxMy9JCQkL

Entry address:

0x7350727

Entry point:

4D, 5A, CB, 01, 01, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 72, 65, 71, 75, 69, 72, 65, 73, 20, 4D, 69, 63, 72, 6F, 73, 6F, 66, 74, 20, 57, 69, 6E, 64, 6F, 77, 73, 2E, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

448 KB (458,763 bytes)

The file qt16.exe has been seen being distributed by the following 8 URLs.

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NTM2NDg4NztzOjI6ImlkIjtpOjQwMDU7czo0OiJmaWxlIjtzOjIwOiJxdWlja3RpbWVwbGF5ZXIyLmV4ZSI7czozOiJ1cmwiO3M6NDc6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9xdWlja3RpbWUtMi0wIjtzOjQ6InBhc3MiO3M6MzI6ImUwN2ExOTNlNGQwYmQ4M2VlZTM5NWZhM2FjOWQ4NmRiIjt9

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NDU4MDAzODtzOjI6ImlkIjtpOjQwMDc7czo0OiJmaWxlIjtzOjE2OiJxdWlja3RpbWUyMTIuZXhlIjtzOjM6InVybCI7czo0OToiaHR0cDovL3d3dy5vbGR2ZXJzaW9uLmNvbS93aW5kb3dzL3F1aWNrdGltZS0yLTEtMiI7czo0OiJwYXNzIjtzOjMyOiIwMTQwNGI2NDBlZmY3MDUxNjM0MTMyODJiNjUzZTlhYSI7fQ==

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ4MDY2MzA3NztzOjI6ImlkIjtpOjQwMDc7czo0OiJmaWxlIjtzOjE2OiJxdWlja3RpbWUyMTIuZXhlIjtzOjM6InVybCI7czo0OToiaHR0cDovL3d3dy5vbGR2ZXJzaW9uLmNvbS93aW5kb3dzL3F1aWNrdGltZS0yLTEtMiI7czo0OiJwYXNzIjtzOjMyOiJjZWM0MTZjNjk4OTBkYTRmYWJlOGYwOGNhNTA0NmRjMiI7fQ==

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ2NTg2NDU2MztzOjI6ImlkIjtpOjQwMDU7czo0OiJmaWxlIjtzOjIwOiJxdWlja3RpbWVwbGF5ZXIyLmV4ZSI7czozOiJ1cmwiO3M6NDc6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9xdWlja3RpbWUtMi0wIjtzOjQ6InBhc3MiO3M6MzI6IjBjNDQ3ZGViYjJkNWM5YjMyZjRmMDUxM2EzOWQ5NDVmIjt9

http://www.oldversion.com/windows/download/.../quicktime212.exe

http://download.oldapps.com/.../quicktimeplayer2.exe

http://www.oldapps.com/quicktime_player.php?app=bf7b29f23c57ea8de26f57d8099ce261

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTM5MTUzMjQzOTtzOjI6ImlkIjtpOjQwMDc7czo0OiJmaWxlIjtzOjE2OiJxdWlja3RpbWUyMTIuZXhlIjtzOjM6InVybCI7czo0OToiaHR0cDovL3d3dy5vbGR2ZXJzaW9uLmNvbS93aW5kb3dzL3F1aWNrdGltZS0yLTEtMiI7czo0OiJwYXNzIjtzOjMyOiI3NDAzZjQ1NjYzZDlhNGViZmYwOWEyMGI3MzdmN2Y0MyI7fQ==

Scan qt16.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.