home

update.exe

Crystal Launcher

This is a setup and installation application. The file has been seen being downloaded from s7689.chomikuj.pl and multiple other hosts.
Publisher:
Crystal Launcher

Product:
Crystal Launcher

Description:
Crystal Launcher Installer

Version:
1.0.0.0

MD5:
0968ddfb6e0b388bcde87f2a4e13ab7c

SHA-1:
9ca3aa896c81ee617a2c315782872cf0cfaf1119

SHA-256:
7fc5bed6a6073975b61e489b9de2c0de239219dd05277f4d9d534c37ad73bea2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/21/2024 1:42:52 AM UTC  (today)

File size:
45.5 KB (46,592 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013-2014 Crystal Launcher

Trademarks:
Crystal Launcher

Original file name:
CrystalLauncher-Installer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\crystal-launcher\update.exe

File PE Metadata
Compilation timestamp:
2/21/2015 9:06:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:v5aKjpt06Xm06YOKAa4pEMwysImt2ISdKu92XPghBM2n+kuzepzVrK5adZXuzYcQ:zlK92fGu8+kuzepzlK5oD

Entry address:
0xB15E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
36.5 KB (37,376 bytes)

The file update.exe has been seen being distributed by the following 11 URLs.

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2HwYwHzmduLR5skbWtiDQU6ZzCz02Yaz6tl6aKmJaCRTFDGpiJ7EpVxLJ3d2fE-2L5rPv3jLoOuOmIlCr7QTqEZvXoH52Evw65vFxnt9iSC_UhP_KjPpF-5atDAvHPIRr6XfWzmSwNInMXKpUaLVDRY&pv=2

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2K1hVjPSA-EhAMBJeHtu4ZB4b57j8-uYdHPfDCTeoH_noHR44DbxaJv-8L67Z53DnF5j80NeRiGnfFL0j5bn8-JF48HisUunTJ2dmYdasdoNP_0V4W3L5semrqxShCEJZUvtsQpvQrE8NFI2mL0qPKE&pv=2

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2HwYwHzmduLR5skbWtiDQU7-Aazi-47zJLUHLKCEd_qBvW_fq-sgYhRXGkJcwzHMG5WpsVkhWlO8IuN-3Npl-8rKSHcOPeq417TeWfZNNWCCmoZFamFarlhY8vkb_IWrnAU0AFOdbTMYvYGHklOaV0w&pv=2

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2HwYwHzmduLR5skbWtiDQU5DVu3ixvuX-cV5NUFMeOq3_Rr_GoevzaBoYW_nVZB-jNMI2yhY1bpn7hgXOEqN4o1pUSq6Akp4DFiPJB2NUtshylqNVlFbjOC_4lyONv8-aoGOhc04pkKlxnTQq0B8pb4&pv=2

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2HwYwHzmduLR5skbWtiDQU6u32tQr0clgc0Rd3MHkZzEm-FDY1YiKJB-IQOdRyHMZOaSq2ks1cxsv4_c4h7cnogyzbzofJsQ1Fdip6N2F-MbiZAbV76rpIthEngakSdncJuks0VaRhZhs73RhN5NLaY&pv=2

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2HwYwHzmduLR5skbWtiDQU5mrvCMibTZRBbThSf-PszefXgUNMg3zNqIxxS1bhCuu1DtaIOHfM8akJI-gDcUPsP7mGQn8MqnnPtLMrKR5u2ntW-v8YXFssmAty8cvuJM8YfWAESKtCM4N6ST-9LNe9c&pv=2

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2HwYwHzmduLR5skbWtiDQU66-uxv0YvzNt1fEOoEQs6XeXfj7jiFBD55qGu5Xu1Q68TUpdahVSE7FrITZB1ENyqOEVu-Dop_VGigFYulH-KP5E79PjhBDXH2FJL0AuxMtrKrMuBMrZM6PjYPITEi__g&pv=2

http://ccs.infospace.com/ClickHandler.ashx?ld=20150928&app=1&c=speeddial2&s=speeddial&rc=speeddial2&dc=&euip=159.205.104.187&pvaid=045dd018ce334a8186a204d63da248b7&dt=Desktop&fct.uid=e379c54fb8014c3c93db4f82a371eb60&en=F9yKYkSQXFl2SJeJVGYXC/w3u4MZxkmX/fTGUOuvTjRj3/Uqv7Qddg==&du=crystal-launcher.pl/.../download.php&ru=http://crystal-launcher.pl/.../download.php&ap=2&coi=771&cop=main-title&npp=2&p=0&pp=0&ep=2&mid=9&hash=BA8CB6911AA3193FDB6F1C28EFF2FE8E

http://s7689.chomikuj.pl/File.aspx?e=2n9zcLNJs6yI8IUJBFBg2K11uYZUalGIRJxae8voTTZPzJ8Q0OChMQfe8ylH2I_6CW2hPVGCwGk_HleC5p5-n3BFO59JkFkze8Zi5whGtIEw7Poc5SVSc3CTilqXLhhM5APQIvMPKOXV5CDB1RTvt-L6H_H8Iadl-Azvv01nJaw&pv=2

http://crystal-launcher.pl/install//CrystalLauncher-Installer.exe

http://crystal-launcher.pl/.../download.php

Scan update.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.