» rufus-2.7.exe
Overview
Analysis
File Details
Downloads (82)

rufus-2.7.exe

Rufus

Akeo Consulting

This is a setup program which is used to install the application. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

rufus-2.7.exe

Publisher:

Akeo Consulting (http://akeo.ie) (signed by Akeo Consulting)

Product:

Rufus

Version:

2.7.855

MD5:

45f58b0ef0674f3f43ee106a2e276425

SHA-1:

baa25eca0e8dc87c99b5a4702036ebb70a2af1d6

SHA-256:

7eac92c4165577c76ed22c389b64e4b32979fb216699c52c64c39bdf0c833b17

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/27/2024 3:25:00 AM UTC (today)

Scan engine

Detection

Engine version

Qihoo 360 Security

HEUR/QVM18.1.Malware.Gen

1.0.0.1120

File size:

861.3 KB (881,920 bytes)

Product version:

2.7.855

Trademarks:

http://www.gnu.org/copyleft/gpl.html

Original file name:

rufus.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\rufus-2.7.exe

Digital Signature

Signed by:

Akeo Consulting

Authority:

COMODO CA Limited

Valid from:

11/12/2012 1:00:00 AM

Valid to:

11/13/2017 12:59:59 AM

Subject:

CN=Akeo Consulting, O=Akeo Consulting, STREET="24, Grey Rock", L=Milford, S=Co. Donegal, PostalCode=Co. Donegal, C=IE

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

47D73D146614770CB3DAAF5502C48D9C

File PE Metadata

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:YCDHR1z3lubUbRQGcAebSqWapkhHn1QkQHT+EuQDW:Y+PTMbUbRGnbBGHN8Cca

Entry address:

0x23F430

Entry point:

60, BE, 15, 60, 57, 00, 8D, BE, EB, AF, E8, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 1E, D9, 23, 00, 57, 83, C3, 04, 53, 68, 0B, 94, 0C, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

812 KB (831,488 bytes)

The file rufus-2.7.exe has been seen being distributed by the following 50 URLs.

http://dw.uptodown.com/dwn/L5wLK5oOBsAtRAoolw_WOgIALaOO8sZFD--8ilLlwdH4wAvrNG9djlCbTUQ67HG35EmfZcpO7vB2egbVpJknv87fSClxS1AS1EzOtRedgdVgLmVdCItf8uQ3AEza_h-j/DsgaXku_Am6wQKxCqIGHJeAx0WImQ3JRkzU7tkX03_W6RpTEDZUQ6y7TPPh4A4H4le9E8zKy3gqQegCDGJVlsfcHDfK38R4a6tPzICw55uTpQ7BGQMv11GE7P9TbGPoP/.../

http://dw.uptodown.com/dwn/RBAMdjXCfg50cVE17KxulUX-rpUF7kT5UmEfSdm_XSqWp0MIiMkZe6sd-wLqjsVben7qH9NtnD5HTkO2UlNRi2Z7X-TURQfip5hJgvZHUNxO-g5w9UGr_NYHl4YaBGjt/egfed0hIaIw6vhg0ojIfZEBDmT1iIbO1aLqYOBoiRCwQNP7oaahSquJ5HbURcVUTrtlatasJb3YQOvi5iWlBtgtRMLzygdsr1g6rHXdIAURgbNXAw-lypwf-pC2knk5I/.../

http://www.techspot.com/downloads/downloadnow/.../?evp=6c8065dabaf305a1353b22f5790fdf53&file=1

https://docs.google.com/uc?id=0Bxs9UxDhWKxiaVdWUlg1UEpXak0&export=download

http://www.softportal.com/getsoft-30994-rufus-1.html

http://www.techspot.com/downloads/downloadnow/.../?evp=caefc0099d57d52e5894b936b8701599&file=2

about:internet

http://www.downloadcrew.com/?act=software.download&id=30840&t=1457602483&c=b0dd31f559ecdbe94ee799d08e1ff2718773f6a3

http://dw.uptodown.com/dwn/_eeF3bIv0AdQiPuL1OpTNHhNkf8lKdcdvQFpBvFe-JH9ySfNVddo4KHyd5UiyQyVc0dzSgVHEo82W2G6NQtdHAB-25dbELZITkCpfV6W3TvZVOngYz3BocEysCKUNxeQ/uSZdxCbAeLE4I3Va8EG-L390WrCjmSlrfMfKU_N-CMBQtD3VPYyiri8yC6ppfbkacHR9ePdBrG49Vi_gIbIQtjT3Xbb22LIqIh9zL6f3rltKLTCRVbXAqSg4g-03jNgg/.../

http://www.downloadcrew.com/?act=software.download&id=30840&t=1459859128&c=91d72ebe0d7fbe90de8f36f0fad3e1443f37117c

http://dw.uptodown.com/dwn/84OORv5iueHdimIFLruNry0rxCDvc2oyFQ2Z2IbW3s1R1Xq-KSRhIzjkVo0jEzmnXPu7xVwN-nIz3eKjZZGMMhjZU13eXU9r77CFUY7fPcP_9Yi8bLqTmtyAAbTq9r3a/zLA06JTjc33hNDl2j4vHEUfwKC_ESsYTdxwR6zatQMs3xFqjO2okLfnbngT6_6u-8Yfh-wYscmdF8yyq9fCMycqMvjji3YOUzQ9ZPZWvYdD9Tzah0vUeCcpT1jrbIZgW/.../

https://mega.nz/temporary/.../Z552iSRQ

http://dw.uptodown.com/dwn/R9GFmBCrhZjbSJS05H9TSDUOA3yKQ2cBTr9L0re-Zn4kTsXJ8KKb4eUwCWK7hK6i6MNwrfteiIZbZUy3NZKlEkufDaACTMi_WWyoyTDQBcV-UOJ9XXEZmU3hnidvtqNt/qwr3QX89VWLuL9LhoGENH59ZNxRovSoWzykx4NQeZIEGWBNT0ktBB3iddldIBcC1FTHm0PLcVQpWRBkW2-mjRZNelUaF535bijZLUlLEZoe1MSOK5SuJsGaH1IL66mm2/.../

https://docs.google.com/uc?authuser=0&id=0Bxs9UxDhWKxiaVdWUlg1UEpXak0&export=download

http://blogattach.naver.net/40d55cecf9a3a47856b5d5e3df3b4b3e9ccb34d1e7/20160311_263_blogfile/.../rufus-2.7.exe

http://www.techspot.com/downloads/downloadnow/.../?evp=a32132e834c9f8abb9229bd16aa99a3a&file=1

http://192.168.43.1:33455/static/storage/emulated/0/.../rufus-2.7.exe

https://mega.nz/persistent/.../hRNBDBAS

http://dw.uptodown.com/dwn/JYGnR-un9YNCuDcOa8pBYu5DT5MjgaxU9FfFlHVK53_h_8f5L7KzsnxdU63Qc8XjsnEYJsxu1hNcWvvVWbmy7eVc1fuGBhj0dZ-Ys3pYQGlmvt73BmG4gElJ1a9fHPMy/ocb6cwX0Ddh7sjQ4d9c8oJbSL1aAtWHOT-rEeLibvXzLuc5Y8YXqarS24WuV5G-RO3GIJdvAmYsivTfPWCfZWIoHhn0lKYVY-ny3O7iBMzI9bFcVg1xNeIoYGhv1Fiz8/.../

http://85.25.41.248/.../rufus-2.7.exe

https://mega.nz/temporary/.../hRNBDBAS

http://dw.uptodown.com/dwn/2ac1ABf2UHqeD5y3RgYxL4Qdr38KjVxSTcgfmR0OM5CEYa2cqNvJ1Z2yXODklIEyCWo-y3EiKoKqUIOppmyo-2DDgRGREeGgHB2dQvBotye8gV3sXeM0FipXqvYdCDpz/6lwhJMLP9BXl-oxPkH7V0GouN6CB1U_rKKl1I9jS4RGtEIdaZmZhRO_iYlEIfje4mbdVolLqrleFyPPv1OeQfjCNjsAqNgqOZkddTzLx0ec8IsMvcnbopdzNxiO5Q52L/.../

http://dw.uptodown.com/dwn/bvbb82lToKx108VrRv08FK-OFPPZz7LCceDccGyP1mr-uRNDqNjfIbPvISg5cOQLx2EPSenG8qcuCw_HygDMpUf6LMwMTNTu-yCgCt2wIPgT92LY9u-ox2ImiOEIn5dE/m0rvMm371Q7-peJKBNkdgs6dRqlBa4GnLo3M70Jd-dC7g6KLMaWNpXYEhOmBv75SQcOdNNlxZrVzzNgNygAYqMUiRfT3DPaHBXTDBileGv9fhxBxSprMUzFb4SqLn61x/.../

http://dw.uptodown.com/dwn/rdht4At-wWnVwOasxJDvpOKQGvkhoUQ5bXnfRESwR8_6gb5yrj6A14wgXsk0GTDWVdfn-qrLUghRKlO_2sFFrflDrEuTPa4YvSBnQ1GOMbwGXqtlcTvxJiy0iWA0d8lj/z576PadWJarAdAlyecPRHen99kJ5ooLMW3biGQeKByakKeDD1YPxwK0sxj4UDL49Ld-qkTCOIzMLczorZq4Lew4aaQ6udxTE7M-lx4fbOv4_74gMsNWZNX36Ws85z9xM/.../

http://dw.uptodown.com/dwn/MGIWPv6DA0aixIMqMAdlkvDbogU31Qq9FFlNCRgl4Xqm2sCQBqt0oQnjuUD7fDwCvliB9_m6PgKzXtDcaNQBUEH54b5u99hhCLF9PH4PyGcv0OnscD_BeDOGI6uLto-c/kqRqPswCbPzg89Rj184D_n6pvbHwDWeYtI7WN5cs8kyq_dwUbFWdr9yAHpEcRiSlSZFWffxW9x9nBO3W3yb9k2vsxUxxUr2zDS6m4xA6E7NtZMf4_jJHW8vzmenJyCsd/.../

http://server8.dhakamovie.com/sdb1/software3/2016/Windows 10 Enterprise VL X64 v1511 en-GB March 2016/.../Rufus 2.7.exe

http://dw.uptodown.com/dwn/goD1-gLZ2JdaXvgpFp9EgEHx8ml6NdfA8LXMKCnT5Ne_nFATKs4TdAxjT_vptaACFN6oFnv9GyzqmEzqeA1yQPxZz4fMaflSAzzmIzOarqbRfiS7UG-6qQvM-zSIBzLg/gxq5oG1ikvqSlvDC99DeLLtdqGOUU_bMYytMsV7OXXSLFeibNswyxN4ItvFqiRMCNgvD-gS-v8ljCyrt-e300zdPelWvnNlqvdfbPrFDWZPai6pxhnt3nKbTP2XjSqfL/.../

http://www.downloadcrew.com/?act=software.download&id=30840&t=1460389455&c=617547fda8d920fba978e118e4816be66bb1d5e8

http://dw4.uptodown.com/dwn/-L9u15QxVUzzX4o6FifB3P-h_mz48BkVs40hF3DdgQ8hMrNSf_wVikK_5qozXcfKFOvOKSeSbWzoN1J4Yv7WCbH_i1NLGJmQYwGF5KLdsAQek2iGymjntiqkNCHe8CVG/95s7njeUSsNFyicK3salNN6KUMlSLc_GRmYou0Fsw332SwWOYy7YQ-M03LzAJsC3QVrbK_V6JEqvuIkLq9Ob2cYOoEgOh49XH1LOelo8qeX5cFFnrb93TeyjyQI71Z3-/.../rufus-usb-2-7.exe

http://www.softportal.com/getsoft-30994-rufus-2.html

Latest 30 of 82 download URLs

Scan rufus-2.7.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.