wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe

WampServer 2

Hervé Leclerc (HeL)

The program is a setup application that uses the Inno Setup installer. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from docs.google.com and multiple other hosts.
Publisher:
Hervé Leclerc (HeL)

Product:
WampServer 2

Description:
WampServer 2 Setup

MD5:
22ed48e6d994baf6c439e85caff20f49

SHA-1:
462c5e197a0186c666569724433de5e4df73a0d6

SHA-256:
3a8644b6f97ce8cf03e55cb40219bbceef51fbb8181655ab37e2ec47fb738aeb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/25/2018 4:38:10 AM UTC  (today)

File size:
27.1 MB (28,425,387 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:52:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:ucdTyvnPxDCsolHKIm+cXhV9IfurHoYVDbZ5PgjNEdete1zVL7N5kin:HTyvPxD4lHol9ISHocXyNCeYP7cg

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

Scheduled Task
Task name:
{631265EF-91DA-44ED-B9CA-5E69F626324C}

Trigger:
Registration (Runs on registration)


The file wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe has been seen being distributed by the following 35 URLs.

https://docs.google.com/a/.../uc?export=download&confirm=Yae7&id=0B96keGnlmvGIY3hiWW5YY2RzQUk

http://gsf-cf.softonic.com/462/c5e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=43257&instance=softonic_fr&type=PROGRAM&Expires=1436503944&Signature=I9JVcyhzyGe3wN6ovta03mZ2wJet-dvA0yHfhKlIy4zA7E-Vg6rGHa0X0BfZvOmeVW4vilVbPGodFqgl5Mgrvjq6ZPR7mrd548CEpILPYAtoZHs5C1HaLOV~7j7W1oLkbdrjufIrXo9NdHCTVQnhkB0WCX7sSAxlrEmuaAxi8ME_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe

http://gsf-cf.softonic.com/462/c5e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=43257&instance=softonic_fr&type=PROGRAM&Expires=1478153644&Signature=LNCa3SQ~tKf4Mil4rhgxGVg4-A0S1Ob9~90fjZQgZeYHFNO4~VSrdLlfSbPZK-MqU8iFrjY-HP5oXBsv2gBsV0QBTPfMoN8PZZ-29WCMlZeQT3SG0kqzJ9Bml-b0wt5acsWt06PhCszKbDFp2guKNQaX96gKzxL69cj1nWsILNY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe

http://gsf-cf.softonic.com/462/c5e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=43257&instance=softonic_fr&type=PROGRAM&Expires=1478746907&Signature=ZdEHAbcS3GlalBT5LPXVMRKp7dlrTcIY4i66N~4UgwByfXpTWMJ9XbwRAcN4KPcn~wk0Hv~ZFqCbTeR90OJThnQVV9Njuw9r3a22mFQf0to-1ZW-W3naLJ03jjN3Lz7Rdk8GA34l3-Fb~EYULwL7U08cWJ6evluXneLKP8P3mnk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe

http://www.hd4.ir/Software_DL?ID=15&AspxAutoDetectCookieSupport=1

http://download1806.mediafire.com/jhzmvn1z7awg/.../wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe

http://wampserver-32-bits.fr.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAM5JKedp50BeYSOBwuQn3kE34izgChZrOvvU1bEQujGesOA9XMeEW2WEgZEG WnqBbzyFcUfXVePS7m1q48uV0BV5RFmr0VcIH2HVH4etVXujcbWqCUnK8tYZ2prRXl675vX8hNuTSsg7l3nLOvVLQka0VROQJbD/kNCj8SHoZlZoW V0m47La1st1gNWHHWhb6OhOMLCYaEq0iZXMvVJ63t0U13wfoz5nYBznbRF6j61I2lvpZkjmJ0a9kQzOUp/QGKhQl0BUZEiu9hjKgEnmrFGjhE/AAgfaXZ4GqBJnoXN4gQkq7aR774 exaNCuzTq6AJLQ6WAj9JoelU678FRWQ bf7qfxrc7KdJwRm2I6uSprbSXMG srwIVlWOpZfbg6e9s EdjAqg2B1fhwU9iG64Kpv97vLLr8xicFxY5RtkI2X4QUcUSmBSXG9ttI3TDJFpY61o2PwRvcwc1/PB/zjbFmGyNErTnN36oIbB HBDx 58hALDa7HPtglTfwurNGUU5M7nvTYOzY85h6mM6MpYE4WVia29Mzlmuhy3z7c7Xu9pkFbFbcnCEM2dfjTGmAiLQPKbf/.../rehEPHVQXvbEHGEVd7XsG5AJoEpOHQY60qA==

http://gsf-cf.softonic.com/462/c5e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=43257&instance=softonic_fr&type=PROGRAM&Expires=1443233129&Signature=A7HbuLz7qrbeR4qjx84kVfHjd-akwW5kMERiJEvXcJYKxwubqcdf9VklocPNGGAtYJGFRE8Q3dY-Osg8uf66iUTypQE7zbCRh4M1kGHH7O3yCS-TrEddXQnl6n1K0LUdPHycL6HqBikDZend-jqhKGMakWyBajPQu32LEiGrj3Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wampserver2.2e-php5.4.3-httpd2.2.22-mysql5.5.24-32b.exe

https://doc-0g-7g-docs.googleusercontent.com/docs/securesc/o3i6bc9f4uvsv0jq9e3pksnjsulqdidu/i25gdjn4i8obqf0lho3nehdsma3ojjao/1468900800000/.../01567320499293436712/0B7Er_kr44rltMU1iLVpfZ0wyejg?e=download

https://doc-0o-4o-docs.googleusercontent.com/docs/securesc/2l13mgd168lhse8sh4lknc4elt51732h/8p8q0r28bj55ashssqt0r246vjabe6iv/1469872800000/.../09093191836569070183/0BxkBDSsC01vDampOQnhQVWFzbGc?h=17052756370570008394&e=download

Latest 30 of 35 download URLs