home

xdelta.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from xdelta.googlecode.com.
MD5:
70707830234212e86fb311f49be53459

SHA-1:
1a008dc74a661946724443a028d58fede7ab1b02

SHA-256:
9145cd3be27a7ba92d6535d1a55e601eeaab031ef337db5e8db51fb3d4f02e3b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:10:53 AM UTC  (today)

File size:
307.5 KB (314,880 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\_tools\xdelta.exe

File PE Metadata
Compilation timestamp:
1/13/2014 6:52:28 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
6144:KfpnDvIMvBBfpiezRVSBvEbMhW7cQqctf7AJYOZUWBN:KfpnTIMvBBfsePSBvEbMhStqctf7AJt9

Entry address:
0x2C18A

Entry point:
E8, 56, 79, 00, 00, E9, 95, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A0, 01, 00, 00, 81, F9, 80, 00, 00, 00, 72, 1C, 83, 3D, 2C, 80, 45, 00, 00, 74, 13, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 05, E9, 9C, 79, 00, 00, F7, C7, 03, 00, 00, 00, 75, 14, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 29, F3, A5, FF, 24, 95, 10, C3, 42, 00, 8B, C7, BA, 03, 00, 00, 00, 83, E9, 04...
 
[+]

Code size:
236.5 KB (242,176 bytes)

The file xdelta.exe has been discovered within the following programs.

Arma 3  by Bohemia Interactive
ARMA 3 is an open world tactical shooter video game set in the near-future during the mid-2030s, where NATO forces deployed in the Greek islands of the Aegean Sea are trying to hold off a massive Iranian military offensive from the east.
www.arma3.com
About 4% of users remove it
Breaking Point  by The Zombie Infection
thezombieinfection.com
About 5% of users remove it
Don Bradman Cricket 14  by Big Ant Studios
www.cricket14.com
About 1% of users remove it
Forged Alliance Forever  by FAF Community
www.faforever.com
About 5% of users remove it
HuniePop  by HuniePot
www.huniepop.com
About 1% of users remove it
Hyperdimension Neptunia Re;Birth2 Sisters Generation  by Compile Heart
ideafintl.com/rebirth2
About 1% of users remove it
MWO Portal  by Piranha Games, Inc.
About 2% of users remove it
Renegade X  by Totem Arts
About 7% of users remove it
The Elder Scrolls Online  by Zenimax Online Studios
www.zenimaxonline.com
About 3% of users remove it
WS Launcher  by Launcher
forums.arma.su
About 1% of users remove it
 
Latest 20 of 17 programs
Powered by Should I Remove It?

The file xdelta.exe has been seen being distributed by the following URL.

https://xdelta.googlecode.com/.../xdelta3-3.0.8.x86-32.exe

Scan xdelta.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.