home

setupdownloader.exe

Bitdefender SRL

This is a setup program which is used to install the application. The file has been seen being downloaded from cloud.gravityzone.bitdefender.com and multiple other hosts.
Publisher:
Bitdefender SRL  (signed and verified)

MD5:
43194ad3183751bceda7e633197980e2

SHA-1:
175e8868f17115d7d1305e38496fd8053a3c5dec

SHA-256:
ecd5f85c846e1a9bdd044df5e2fa980849752d62c4da032c0452b43b14e1198c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 8:05:23 PM UTC  (today)

File size:
3.4 MB (3,556,904 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\bitdefender\bitdefender update server\var\www\downloadablekits\11_6.2.7.721\setupdownloader.exe

Digital Signature
Signed by:
Bitdefender SRL

Authority:
VeriSign, Inc.

Valid from:
12/8/2015 6:00:00 PM

Valid to:
3/9/2019 5:59:59 PM

Subject:
CN=Bitdefender SRL, OU=PD, O=Bitdefender SRL, L=Bucharest, S=Romania, C=RO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3DB29A3651F3F5E49CE079D283957630

File PE Metadata
Compilation timestamp:
2/3/2016 1:38:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:KTNpN9Ks1HsoFLu82oD05+hkznbgtH0GKzQ:+NT9tHg8wgtWzQ

Entry address:
0x11CBC

Entry point:
E8, 87, 66, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B...
 
[+]

Entropy:
7.9641  (probably packed)

Code size:
115 KB (117,760 bytes)

The file setupdownloader.exe has been seen being distributed by the following 19 URLs.

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9VaTI5bXEvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9UOW4zRjYvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://10.0.10.3//Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly8xMC4wLjEwLjM6ODQ0My9QYWNrYWdlcy9CU1RXSU4vMC9kWU1GazIvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com//Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9qc0Vha3YvaW5zdGFsbGVyLnhtbD9sYW5nPWVzLUVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9VbHdMdHkvaW5zdGFsbGVyLnhtbD9sYW5nPXBsLVBM].exe

http://emc.services.bitdefender.com/track/click/.../cloud-ecs.gravityzone.bitdefender.com?p=eyJzIjoia2ZGb2FpVDVhLVNIUS1mVWhfdjBqNnlaNm4wIiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLWVjcy5ncmF2aXR5em9uZS5iaXRkZWZlbmRlci5jb21cXFwvUGFja2FnZXNcXFwvQlNUV0lOXFxcLzBcXFwvc2V0dXBkb3dubG9hZGVyX1thSFIwY0hNNkx5OWpiRzkxWkMxbFkzTXVaM0poZG1sMGVYcHZibVV1WW1sMFpHVm1aVzVrWlhJdVkyOXRPalEwTXk5UVlXTnJZV2RsY3k5Q1UxUlhTVTR2TUM5aFdHVkVSbll2YVc1emRHRnNiR1Z5TG5odGJEOXNZVzVuUFdWdUxWVlRdLmV4ZVwiLFwiaWRcIjpcIjMyM2E3YWIwYWQ3OTQ4MWNhYmE2OGQ3MGU1OWEyOTZjXCIsXCJ1cmxfaWRzXCI6W1wiZWM0MzVhMWFlNGMxODFiNzRjZGU2NWZlOWYwOTQwNTFjOTg2MjhjZVwiXX0ifQ

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC93TXd5T2cvaW5zdGFsbGVyLnhtbD9sYW5nPWRlLURF].exe

https://192.168.5.58//Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly8xOTIuMTY4LjUuNTg6ODQ0My9QYWNrYWdlcy9CU1RXSU4vMC9yTFR1OWIvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9iQ29TSHkvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

http://emc.services.bitdefender.com/track/click/.../cloud.gravityzone.bitdefender.com?p=eyJzIjoiTms3alBYZXBIZW03Rkh6VDFDUTV6V0RqMGN3IiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLmdyYXZpdHl6b25lLmJpdGRlZmVuZGVyLmNvbVxcXC9QYWNrYWdlc1xcXC9CU1RXSU5cXFwvMFxcXC9zZXR1cGRvd25sb2FkZXJfW2FIUjBjSE02THk5amJHOTFaQzFsWTNNdVozSmhkbWwwZVhwdmJtVXVZbWwwWkdWbVpXNWtaWEl1WTI5dE9qUTBNeTlRWVdOcllXZGxjeTlDVTFSWFNVNHZNQzh5Tm5vME9IZ3ZhVzV6ZEdGc2JHVnlMbmh0YkQ5c1lXNW5QV1Z1TFZWVF0uZXhlXCIsXCJpZFwiOlwiOTA2YzFmZjQxYzliNGZlOTg1ZmU3ZjdiZTExNWIxMjlcIixcInVybF9pZHNcIjpbXCJlYzQzNWExYWU0YzE4MWI3NGNkZTY1ZmU5ZjA5NDA1MWM5ODYyOGNlXCJdfSJ9

http://emc.services.bitdefender.com/track/click/.../cloud.gravityzone.bitdefender.com?p=eyJzIjoiZmQ3UVRjTGt6Q3haQjdvRHV3cWNKWHIya3M0IiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLmdyYXZpdHl6b25lLmJpdGRlZmVuZGVyLmNvbVxcXC9QYWNrYWdlc1xcXC9CU1RXSU5cXFwvMFxcXC9zZXR1cGRvd25sb2FkZXJfW2FIUjBjSE02THk5amJHOTFaQzFsWTNNdVozSmhkbWwwZVhwdmJtVXVZbWwwWkdWbVpXNWtaWEl1WTI5dE9qUTBNeTlRWVdOcllXZGxjeTlDVTFSWFNVNHZNQzlNT1VFeGFGSXZhVzV6ZEdGc2JHVnlMbmh0YkQ5c1lXNW5QV1Z1TFZWVF0uZXhlXCIsXCJpZFwiOlwiMGQ3Y2RmNTNiMTg5NDJlZWI1ZjA0OTVjYjZlYzhkODZcIixcInVybF9pZHNcIjpbXCJlYzQzNWExYWU0YzE4MWI3NGNkZTY1ZmU5ZjA5NDA1MWM5ODYyOGNlXCJdfSJ9

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC8tVDdQa04vaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

http://emc.services.bitdefender.com/track/click/.../cloud.gravityzone.bitdefender.com?p=eyJzIjoiWXN1YU1JUTZJTW9kc3ZvU3FzOXZUMFVCR0w4IiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLmdyYXZpdHl6b25lLmJpdGRlZmVuZGVyLmNvbVxcXC9QYWNrYWdlc1xcXC9CU1RXSU5cXFwvMFxcXC9zZXR1cGRvd25sb2FkZXJfW2FIUjBjSE02THk5amJHOTFaQzFsWTNNdVozSmhkbWwwZVhwdmJtVXVZbWwwWkdWbVpXNWtaWEl1WTI5dE9qUTBNeTlRWVdOcllXZGxjeTlDVTFSWFNVNHZNQzlyZFdoVk4xQXZhVzV6ZEdGc2JHVnlMbmh0YkQ5c1lXNW5QV1Z1TFZWVF0uZXhlXCIsXCJpZFwiOlwiNmJiYjA2MGM1N2QyNGMzOGFlNTdhZmVhMWNmOTRiYjVcIixcInVybF9pZHNcIjpbXCJlYzQzNWExYWU0YzE4MWI3NGNkZTY1ZmU5ZjA5NDA1MWM5ODYyOGNlXCJdfSJ9

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9TaHFsUlovaW5zdGFsbGVyLnhtbD9sYW5nPWVzLUVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9tSjZDXzIvaW5zdGFsbGVyLnhtbD9sYW5nPWVzLUVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC81X05NM08vaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC93OVlyM18vaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9Nc2UzMHovaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC81OGd3cEwvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.