» Sublight.Installer.exe
Overview
Analysis
File Details
Downloads (14)

Sublight.Installer.exe

Sublight

Sublight Labs

This is a self-extracting archive and installer. The file has been seen being downloaded from www.tamindir.com and multiple other hosts.

File name:

Publisher:

Sublight Labs

Product:

Sublight

Version:

5.0

MD5:

f8b9abb7dcb198e7a6e7bf886294c56e

SHA-1:

41b1e4490028d633eb9f2598bc32180c4d858b5f

SHA-256:

c51031d06c97858ae9e70a79d0cecdc9d6c8378a9f54ec45fdd689c5239d539d

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/19/2024 5:40:36 PM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

TROJ_FAKEAV.BMC

7.2.88

Trend Micro

TROJ_FAKEAV.BMC

10.465.29

File size:

675.6 KB (691,841 bytes)

Product version:

5.0

Original file name:

Sublight.Installer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\sublight.installer.exe

File PE Metadata

Compilation timestamp:

12/8/2014 11:44:59 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:GH0l+nwxGDdPJyl+v9DujPhXm1xUIiUZsstLg2+tgB/3tEkH6Z:Gi+nwxGDdPYl+Ij5Xm/5iUHp/3E46Z

Entry address:

0x2945F

Entry point:

E8, 00, 3A, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 00, 20, 46, 00, 75, 02, F3, C3, E9, 89, 41, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 5C, 3F, 46, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 60, 20, 46, 00, 01, 0F, 82, 3A, 42, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8... 
[+]

Code size:

270.5 KB (276,992 bytes)

The file Sublight.Installer.exe has been seen being distributed by the following 14 URLs.

http://www.tamindir.com/indir/MjAxNi0xMS0yNCAwNDowMjozMw==/sublight/windows/.../

http://www.free-codecs.com/download_soft.php?d=d1537f6b19a07aeed583b34049bab1b9&s=768&r=&f=sublight.htm

http://indir.gezginler.net/i/18111/.../

http://files2.dddload.net/download3/Sublight/.../Sublight.Installer.exe

https://docs.google.com/uc?authuser=0&id=0B_d-kUik37XjTVRYR2RHeC1ZV1U&export=download

http://sublight.software.informer.com/.../

http://nl.afterdawn.com/downloads/.../download.cfm?version_id=115729&software_id=3449&mirror_id=0&installer=0&perion=0&air_installer=0

http://files.dddload.net/download3/Sublight/.../Sublight.Installer.exe

http://www.filehorse.com/download/file/.../

http://www.programosy.pl/.../pobierz,sublight,2.html

http://indir.gezginler.net/i/18111/.../

http://sublight.soft32.com/get/file/id/.../?iframe=true&width=420&height=200&no_download_manager=1

http://www.free-codecs.com/download_soft.php?d=0235df9da6359502fa522e3d21a5acce&s=768&r=&f=sublight.htm

http://www.sublight.me/.../Sublight.Installer.exe

Scan Sublight.Installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.