home

setup.exe

Blow Up 3 Installer

Alien Skin Software, LLC

This is a setup and installation application. The file has been seen being downloaded from cdn.alienskin.com.
Publisher:
Alien Skin Software, LLC  (signed and verified)

Product:
Blow Up 3 Installer

Description:
Blow Up 3 Installer Revision 33753

Version:
Revision 33753

MD5:
cde0724adb481437344dbdedae012951

SHA-1:
9e450134f8344a724cb583f73d336cb634a40f6d

SHA-256:
a0f03c750bedaf93e4f6cb8ed774638bec7f485a1c5883dab825fa827b3b172c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 4:58:52 PM UTC  (today)

File size:
26.9 MB (28,251,096 bytes)

Product version:
Blow Up 3 Installer Revision 33753 built by machine BUILDAGENT11

Copyright:
Copyright (c) 2016 Alien Skin Software, LLC

Original file name:
Blow Up 3 Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\alien skin blow up 3.1 [urduit786.com]\setup.exe

Digital Signature
Signed by:
Alien Skin Software, LLC

Authority:
GoDaddy.com, Inc.

Valid from:
8/28/2014 5:33:03 PM

Valid to:
8/7/2017 10:32:08 PM

Subject:
CN="Alien Skin Software, LLC", O="Alien Skin Software, LLC", L=Raleigh, S=North Carolina, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B34499A9D0AC5

File PE Metadata
Compilation timestamp:
6/2/2016 8:38:30 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
786432:KZc11f5i3CULMqH+TutOcKToGRwr6fCldJr:4A1f5qCm+TmZpG0l

Entry address:
0x282E5

Entry point:
E8, 51, 06, 00, 00, E9, 80, FE, FF, FF, FF, 25, AC, B3, 44, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, F2, C3, 8B, 4D, F0, 33, CD, F2, E8, 77, F6, FF, FF, F2, E9, DA, FF, FF, FF, 8B, 4D, EC, 33, CD, F2, E8, 66, F6, FF, FF, F2, E9, C9, FF, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, BC, 01, 46, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, F2, C3, 50, 64, FF, 35, 00...
 
[+]

Entropy:
7.9966  (probably packed)

Code size:
293.5 KB (300,544 bytes)

The file setup.exe has been seen being distributed by the following URL.

http://cdn.alienskin.com/.../blow-up-3.1.0.128.exe

Scan setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.