» topazglow_setup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (4)

topazglow_setup.exe

Topaz Labs, LLC

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with Topaz Glow. The file has been seen being downloaded from www.topazlabs.com and multiple other hosts.

File name:

topazglow_setup.exe

Publisher:

Topaz Labs, LLC (signed and verified)

MD5:

a176b5a944ed9171d20a0b6e5aa8536c

SHA-1:

682106b982f5f0d18e81e7ecfacd293d67678b80

SHA-256:

b28113dd132f2359cfd0a380e449a38a2c2c38846bb11bcf6a09a14be835a800

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/27/2024 12:57:24 AM UTC (today)

File size:

41.5 MB (43,552,216 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\topazglow_setup.exe

Digital Signature

Signed by:

Topaz Labs, LLC

Authority:

DigiCert Inc

Valid from:

10/4/2012 5:00:00 PM

Valid to:

10/6/2015 5:00:00 AM

Subject:

CN="Topaz Labs, LLC", O="Topaz Labs, LLC", L=Dallas, S=Texas, C=US

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0698184F298BEBCCE9396175E7891A42

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:32UMkrCPOGiC9nFjEbSdBT0B+slW8w5CxKTXBOZ8muhpwLtY6AEN+SjHrZ8lCGV1:3bMlGLCRyWzTRgWNXR1hUGlszZdlyaU3

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9948

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file topazglow_setup.exe has been discovered within the following program.

Topaz Glow by Topaz Labs

www.topazlabs.com

About 5% of users remove it

The file topazglow_setup.exe has been seen being distributed by the following 4 URLs.

http://www.topazlabs.com/?download_file=554723&order=wc_order_54a2a93869b6a&email=feigert1@yahoo.com&key=a0e6c5aa7395a91c2d90211c6e169109

https://d2xkriaa67cpt4.cloudfront.net/topazglow_setup.exe

http://d2xkriaa67cpt4.cloudfront.net/topazglow_setup.exe

http://topazlabs.s3.amazonaws.com/topazglow_setup.exe

Scan topazglow_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.