» second_life_3_7_29_301305_i686_setup.exe
Overview
Analysis
File Details
Downloads (16)

second_life_3_7_29_301305_i686_setup.exe

Linden Lab

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

Publisher:

Linden Lab (signed and verified)

MD5:

87cc07caedbd486792de7e7c6fb1f50b

SHA-1:

ad6f45322ef4bfae58b207586d96ca3ca17f1ad9

SHA-256:

a25c3c37680a50598977031c73cd18c46684970caeea3878623c0b3c8ed46b83

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/23/2024 6:40:52 PM UTC (today)

File size:

30.9 MB (32,384,792 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\second_life_3_7_29_301305_i686_setup.exe

Digital Signature

Signed by:

Linden Lab

Authority:

COMODO CA Limited

Valid from:

9/16/2014 6:00:00 PM

Valid to:

9/16/2017 5:59:59 PM

Subject:

CN=Linden Lab, OU=IT, O=Linden Lab, STREET=945 Battery Street, L=San Francisco, S=California, PostalCode=94111, C=US

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

009E40E79320D97EB9D6B4B5D52F0E97B3

File PE Metadata

Compilation timestamp:

2/24/2012 1:19:59 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

786432:kpXMGVTfDX9GD+u37KJ7wL58RzXh1434fbFW43C:s1sD+u37aRDbBZ3C

Entry address:

0x39E3

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00... 
[+]

Entropy:

7.9986

Packer / compiler:

Nullsoft install system v2.x

Code size:

28 KB (28,672 bytes)

The file second_life_3_7_29_301305_i686_setup.exe has been seen being distributed by the following 16 URLs.

http://dw.uptodown.com/dwn/ffd5MLrdDlHbArTZx-quFU2ytPeuRIKcMoxtar9vTiC_m0bL8GU-scegQu6QDWmD6YdahczVHgs6wiYsfSDvou62cWiYy7hT8ULO7hC0DfJaOIT5rld77GRyNKf5O25A/14csKAJDhZ3WXto6T7ae93OFidgNn532UQ9wdaJzR1Rd8vvVVp5wgkoSFJ-IDkF3g7-eK_LumXeIJ2ooDmZH4IBjelfJnHjsXlh3PYNuy0y9EJMaRG3B-JlEoAzYK_7z/lwZhhvQaw0QXAAisd-yX0DsKbQj8pliyvCoL0VGm0t9FXFhtdu0k8X7mZRgYedqjDyeg5vaZpfwidsS44TtVqvJ7gCAXG-5ZcALQ4fi9RBbAcFCPznkHDRsvFKiIB4Fp/.../

https://secondlife.com/get?locale=it-IT

https://dw.uptodown.com/dwn/p2IB1O3i6u3wKmFYnk6UdXG3iTEWQ0rdHfvG9wivyShUclGciawwnXSLq21KcUXOjXAkap8jJI134SozpNz5tGZDPTWVOT-PURPwmIiHqqxaIansnosk3qU_zHMfTr-Q/TRMyFerh00A30I1xeCd0kdDfzoLh4-iTbAZag5BkJSrhZihUSZOHkOLNSqml5fOVtlHFZeeFbR2IZOPbkOb2rLIfofWCSL08Ww7E_6w2gKt2KlM0yFczgFKqO2Y766o0/wsQtc3v_7dLuk6Sx6TWkvVHvTiIPChBD5SmUsw1PZQFQSky_bXCeC4c2x9Np0x3swCOmCnSlEi0XeymmYFujfkXfnI9JyUmFMnE1FD37n8zO8JlZB5D10-SejwFgWM7u/.../

http://dw.uptodown.com/dwn/yUVhUha1ki0-1-3dj69cKXF-c8TDbYnp6pwyWsmzvY6bv03gGyp7EWS3r2ihPOFHxz40v1VRwKUqineGTr74L3wUAQTkm08nydpzo2E47GMJb1Ea9YPNPhY6noDiS6d_/LbgZK5BbavgtSqMunjOz3Juq9RqIN2513b2hTnGo2SUfmgzDzirN8owlAubjKyXNoGFmtIS50Hf_HG4mLeZbT4OQnP8T1t3iXLc8tNF9JnPv5QCmkITHS5c07Htr_sh8/.../

http://dw.uptodown.com/dwn/2HnHyGhVj12pYAcEbFLxNMynyssuCtoCvsQRg0L3SmQOKcbD9P5jqu7jz0IJSTiHWRSqeGOMNXnd1d_CtHp7ds1u-ANlUuJFc9t6ux_4XA-Wa6A6jyTC5JG2FKkr4Ofg/fA9yW0dP4aofGax5P5WYtHyMdhVe5OaHMwaNXEW8sViLm-2ZhzoUDs4fSG7PRNvymn6Tixyt5KJHRO2aDDPYkqHAfBiKXenT6RJe3H1fa-YdbbMP_JFHZINVQdBfAX4_/4Jwzg4XfDUs0RfK1Fpe38xmdhtB4DXP79CGe0U40NGj7ISxgCBymjPBeQdiBR1qXVXyRuoUJx3xuJLoX_G_Yw9KHt-Osh3BanViR8baxkmkzXbZXF22bM1-YMevljtCQ/.../

http://dw.uptodown.com/dwn/w6LyA9QvdfmE0JhqPj70ajSl62bALNZhZm-bPycM3wfaRAcqEWmkYUItgFhSGCUmHX36xtJbowu1g5R7_4ZbUeT-bJ7LN6fphLJfFjzcaWt7IluivFBx01FGya7NxxnG/Ne7KJbEvrrjq-4HJyerBRE4moQVJuXyhynp9cQQ90G_Qd22quhEi4GHTlpxtBamOr83UGLn4dpy2vcclvFSCck_nM85098eKKrACbHsr99YjbmSim9zswfZe7nKICADZ/.../

https://secondlife.com/get?locale=de-DE

http://dw.uptodown.com/dwn/A_qxNisXGanziLibFc0gJ-VajbFZkiSA2OCk1jXOhL9DFdFtLS_Fdqiyq10i8WsphxYBubnRNxpprrvo4A0cqPKh04FPbH7FgxqYb9b_sMEn0A829_zKIcSR_z08SeXX/y1PIjTsBIjQLEUHNaVnmcEJTsxZUfbgAyEeJmQcQsbC5cCyZpsrrooEygdjqPCbwvU1e_DATfaBpKcS_fIBHOL4uDdjB401ngoGwXoAyXyRv_gHEkAVhGWTlbudQ4TIv/.../

http://dw.uptodown.com/dwn/PvbKSDn90ifE52u1wBDU8JxSFLsCdD6z9pmwNv0WLka0Ot7i6XaAmRNx0yxp-nwU53kHxR7REkwnSSg-HFhqdHOcdMTDBeqzM_0F7wsPyxRO1yoo1WcshXW9sPRAFjnh/8qfkXGD9p5zh_iNmAqYOQK8g7mok3sISkcIWXNnJp9d3nhR1OhVk0W1z9kQU243Y2MhHFAr8yx3C13S0XOp6zW3ZVu9NpZyjEXKc_dN78EOqWmhTO2n1SXdaOzy2ZMMI/.../

http://dw.uptodown.com/dwn/ZB_zTBM179FDc9XA0RKeiQb0VHMTZImLkwFQtVN1hPTulSV9Z07RL5ggXS8Az7wTk2iUPuavSK5RvaZnx1rNQQo6RRm6ZVDbjr3mbbdW9cnFvFrSWJ-D9FzPm31BLr52/PiizUsztmbNK-2n7CtAVfYOSZquIE1KF3aMhTcu-ffnQhA8ge8AeevUh5TjO01eWp55GYlVqwfhw8t5zIrIXoT2wR7LjtbQc-E3WfPT7V1pudJW3lNkTsRKPVUUZD_o-/.../

https://secondlife.com/get?locale=pt-BR

http://dw.uptodown.com/dl/1442348125/.../second-life-3-7-29-301305-multi-win.exe

https://secondlife.com/get?locale=en-US

https://secondlife.com/get?locale=es-ES

https://secondlife.com/get?locale=fr-FR

http://download.cloud.secondlife.com/.../Second_Life_3_7_29_301305_i686_Setup.exe

Scan second_life_3_7_29_301305_i686_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.