home

swordsearcher-setup-downloader.exe

SwordSearcher Setup Downloader

StudyLamp Software LLC

Publisher:
StudyLamp Software LLC  (signed and verified)

Product:
SwordSearcher Setup Downloader

Version:
1.0.2.43

MD5:
4291b290d9b9478363c3e815949343b6

SHA-1:
dadca99b5da1f676638be0822f588ede4bc6552a

SHA-256:
4a50d1b15dbe6d336693c7e7992f2f00549a7f973a234dae689ca914f9160b5b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 4:37:06 AM UTC  (today)

File size:
3.3 MB (3,511,384 bytes)

Product version:
1.0

Copyright:
Copyright StudyLamp Software LLC

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\swordsearcher-setup-downloader.exe

Digital Signature
Signed by:
StudyLamp Software LLC

Authority:
COMODO CA Limited

Valid from:
11/12/2015 7:00:00 PM

Valid to:
11/12/2020 6:59:59 PM

Subject:
CN=StudyLamp Software LLC, O=StudyLamp Software LLC, STREET=PO Box 140478, L=Broken Arrow, S=Oklahoma, PostalCode=74014, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
413E36E82664BCC62FB875C01E5F0609

File PE Metadata
Compilation timestamp:
3/4/2016 2:34:29 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:sKOVd2//1FQ8bKSH0gksNl8EmvtXvF+7wvcav8Tj5zEIwL2ovh7T/VH8:sKkYYWgEmvtXvc7wvBKjlEIgvh3u

Entry address:
0x2EC8EC

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, B4, F3, 6D, 00, E8, 47, 17, D2, FF, 68, F0, C9, 6E, 00, 6A, 00, 6A, 00, E8, 65, 4A, D2, FF, 8B, D8, 85, DB, 74, 0C, E8, AE, 4C, D2, FF, 3D, B7, 00, 00, 00, 75, 7B, B8, 68, 52, 71, 00, BA, 4C, CA, 6E, 00, E8, 24, 3C, D3, FF, A1, 0C, D9, 70, 00, 8B, 00, 8B, 98, 88, 01, 00, 00, 33, C0, E8, 28, E1, D1, FF, 50, 53, E8, E9, 5A, D2, FF, 68, 98, CA, 6E, 00, 68, E4, CA, 6E, 00, E8, 22, 56, D2, FF, 8B, D8, 85, DB, 0F, 84, 87, 00, 00, 00, C7, 05, 6C, 54, 71, 00, 2C, 00, 00, 00, 68, 6C...
 
[+]

Entropy:
6.4537

Developed / compiled with:
Microsoft Visual C++

Code size:
2.9 MB (3,061,248 bytes)

The file swordsearcher-setup-downloader.exe has been seen being distributed by the following 2 URLs.

http://setup.swordsearcher.com/4a4dbab3c6770f

http://setup.swordsearcher.com/0f8d59737ea546

Scan swordsearcher-setup-downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.