» tmpeec1.exe
Overview
Analysis
File Details
Downloads (114)

tmpeec1.exe

CATALYST 13-9

ATI Technologies ULC

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from d2.driverscollection.com and multiple other hosts.

File name:

tmpeec1.exe

Publisher:

Advanced Micro Devices, Inc. (signed by ATI Technologies ULC)

Product:

CATALYST 13-9

Description:

13-9_win7_win8_64_dd_ccc_whql

Version:

0309

MD5:

8f74372dc9258122c163edea675392ff

SHA-1:

18e50699098636e2055c87ef0b3ef231e94ee0ae

SHA-256:

e36647eba035f349e5d1b7f288899180c0a26074dac19c6d354c800a51ee3f76

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 5:35:50 PM UTC (today)

File size:

197.9 MB (207,485,208 bytes)

Advanced Micro Devices, Inc.

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\tmpeec1.exe

Digital Signature

Signed by:

ATI Technologies ULC

Authority:

VeriSign, Inc.

Valid from:

12/13/2011 1:00:00 AM

Valid to:

1/9/2015 12:59:59 AM

Subject:

CN=ATI Technologies ULC, OU=Product Deployment, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ATI Technologies ULC, L=Markham, S=Ontario, C=CA

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

67E18A6937AE14C8BBB829BE916650FF

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6291456:r9aSSNhS86RQCoYsYCwnUKOUvSJ8omGEU3dC:rMSwS8vrYsMtBofEU3k

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file tmpeec1.exe has been seen being distributed by the following 50 URLs.

https://d2.driverscollection.com/4521f06818d95/7d34e27cb5f60fad66ddadf7416c2a07af8d8bd292904b0817d4b64e2de854095346fc8040eb79ae512a8fc0ce3927225753d1de/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/4ad119ef81c1b/f124b77a1ead947421479f0b128cb11212c8734cac7e555f50cd5c35cf5fe5927e609a4fe8b2a5d0a9460b30d61834d85461e984/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driver.ru/1247ac98c29ca2e2/ab78f9b3d470cad12df4657965f27072e56fd0a3b83c57ad7f1052b613e8dcda678dcd8c944ab740a693e2baa887291857dc5671/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/4ad11ca015a4d/040421a52a57af2d7bf492f90fcd4b37cedf1641b8f54ac864ea2b447401a3ed4f9d8fcd53b5a94a9246e52012b12ec258872ac4/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/1247ac878762f08c/8f28bfb7c40dd6b5c133e7fc30109b2175a383e081f42030c6b646b4abf0b0d252d239bca08ee8c307f696b99fb45f8a56f79844/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/4521f06beecc6/f4607c09f8f8c767d6401ad17cf1c9a6d08086ab362eb9cc507bcef8005a2d6950f7d670dcd12bb25e1d634e877c56045887f840/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driver.ru/4522048686a3a/7f3df0fea420aed99e9a6351d7da36760ad975544289d774134193a8f0804f92654345d586fefb4d4ef21310d26124025829b037/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driver.ru/1247ac8ec71eb49d/975d4e23fc571d8bc1302351288cbe92ba0a51d81f500270ec87af23c942bbcddb9c72e01686edab22d07674e7f5d451582a9bad/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driver.ru/1d3f7a8a5621473/83f0291cad998f7750929e10cd2060cc33fc1eddd975a6ef327a74dacaa60d2888821f9733a4d35b57d7ea6d2cf086c2584ab27f/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/4513768711c95/813a82df1858b8e276409cca004511129e2e7d4fb3e4203dfdac4fea7f48f9e11c2e26eea8f024bc5ba2e7bf808d5ad556b4899a/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/2ec2dc7dbe5e6e/7ade3c3885c9097cc9d8606f882ca706e04618a6c1f0c5d04fca900f2b4edda2c5447badb8e3d9225bef1d59446da8a757a18acc/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/2b355f6a971829/1530db0f85ced6f3223d659e053be910c7436746d140a96ea04f6e660ee4473f49571924ec21b807ff5fd4dc17a37bda583b0b32/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/_7_14182132182232282332804d552f456d00459166e21611a123/2706c4bd9e66033279f419d93b405a6fd183224deb89f73ae79ae09a6e386de0b05ccdd401b1a22329630243d3a4bc3a58619a22/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/2ec2dc7ca749cb/f392bfdf84bda275c431f15a0a8282b22fb90f80982488c15e5274b8c469e21c5761203d361e51ff4a09a2f85c74eb6256756428/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

http://www.techpowerup.com/downloads/2269/.../start?server=6

https://d2.driverscollection.com/1247aca0ed5bd69c/6e5c232972f52b40ac60cdf4708aaab513e217cef6381e339d05ad66d517e260c8d05f2d38ed4cc0154832ca5850fa2956c58155/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/b0b00ac0ed6/e9fbfc58f8f330b59924d96b22da88b3b5e91f3e96769191f9c44c2c4dc84696b45950c7c5fb8559b78be5bf294603e757bae53d/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/b0b009534b7/1f1b5392c6bc262aaa3d956d6c6a98df022a7a549fce8f1ecb5392bf978042576157e64cd15e10692a634ba33caf8b09563bc5d1/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/1247ac936899c8a6/9e76408ebcadf81c0d5701ca059eeab2e463cdf5f6b712539c54c999b5e2cf0b2a8c10ca7a0f81a98ccbf66ee59dc3e2582103a8/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

http://filehippo.com/fr/download/file/.../

https://d2.driver.ru/1247ac98c4947370/2556385aafc3d3346139c735a3c42eb269e3a085686795f905a145e896a17356a530ed8bd67115cda835f3e493501aae56745a12/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

http://data2.stahnu.cz/downloadFile.php?n=YXRpLWNhdGFseXN0LXZpc3RhLTY0XzEzLjRXaW43LDg2NC1iaXQuZXhl&s=hgq28lt0h8871m9btgc83e89p4&r=250c4dbbd3edb1371be16d5530294497

https://d2.driverscollection.com/6e9cafb821cc/d005befc1cc8004bf9b6564ab100ba798bf447ee98294553dcdaba1b13744591b282724668f5e01d7c35bb1de819089e561f00ee/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/45136a3097f84/82b84de78d60b2eb7d3ab66434d5be917dec582c56f6f5cffac3da51d7793b6a2526219edc01fe053d0f737f6c76f8ea569aca8a/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/4ad11d5fac450/ca097016d831c13ab1d131034188c69c12e8f83f696e9c2f06952b8777addb6193ba84a7e75bc1332e97fb1e94423e865770a456/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/452206cbe14d7/96396e4b24bacd0fda8e7eb7775ff58a42407e53dd828bda2a6d232185f0c4977d729a4cd987dee450a72fdad34ced5857f1578b/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

http://stahnu.cz/download/graficke-karty/ati-catalyst-vista-64/hngmpei6mgs9odae1773mhfnm4/.../ati-catalyst-vista-64_13.4Win7,864-bit.exe

https://d2.driverscollection.com/1b015b05e74ab50/a66321fde5fb34fff65db91ce4ac97263b8506dd1202fe197644d8adf3a2a766b6953384a6b80dc322ecd546828d8243575af762/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/1b015b14df35ada/6dd23b0e92f728ce2cedb2dcd97af1a2dffaf47de52643c3b3997ca4e49b8308675ca1df011368e2f7dcf4a4e3dabdc457c81967/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

https://d2.driverscollection.com/2b355f63d97ebf/c6188f0ae24917d8264b4306f2ece4ca0a01808793799923665c4b293d8a9c74b8c213abb7fe33fb940751e2a40be48d578f48df/3/15/1/.../13-9_win7_win8_64_dd_ccc_whql.exe

Latest 30 of 114 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.