11647381_setup.exe

Opera Software ASA

This is a self-extracting archive and installer. The file has been seen being downloaded from mirror.preis.de and multiple other hosts.
Publisher:
Opera Software ASA  (signed and verified)

MD5:
f180650f4afa40c74d63ccf6f9af8714

SHA-1:
eec2c691d900f042637f4c51432b8231d1a15db7

SHA-256:
a80dd4c3c56036bcc84a772cd07f2cebbd362edd7e63f0f6f32d8d85d194783d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/3/2024 5:01:41 PM UTC  (today)

File size:
11.7 MB (12,272,352 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\11647381_setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/27/2010 1:00:00 AM

Valid to:
1/29/2013 12:59:59 AM

Subject:
CN=Opera Software ASA, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Opera Software ASA, S=Oslo, C=NO

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
13C8351AECE71C731158980F575F4133

File PE Metadata
Compilation timestamp:
7/22/2007 3:33:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:1uov18AwCvNSsLjos6CGDBzYovLfwpBwbeg3FO8h7hy49fRXFaLhG4LH0Z3:1X18alhLjos6CGDB776aeg348n/Z8Dry

Entry address:
0x11DE6

Entry point:
55, 8B, EC, 6A, FF, 68, E0, 49, 41, 00, 68, E0, 1D, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 28, 41, 41, 00, 59, 83, 0D, 64, 97, 41, 00, FF, 83, 0D, 68, 97, 41, 00, FF, FF, 15, 2C, 41, 41, 00, 8B, 0D, 40, 93, 41, 00, 89, 08, FF, 15, 30, 41, 41, 00, 8B, 0D, 3C, 93, 41, 00, 89, 08, A1, 34, 41, 41, 00, 8B, 00, A3, 60, 97, 41, 00, E8, 1C, 01, 00, 00, 39, 1D, 90, 91, 41, 00, 75, 0C, 68, 6E, 1F, 41, 00, FF, 15, 38, 41...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
73 KB (74,752 bytes)

The file 11647381_setup.exe has been discovered within the following program.

BitTorrent  by BitTorrent Inc.
BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.
www.bittorrent.com
7% remove it
 
Powered by Should I Remove It?

The file 11647381_setup.exe has been seen being distributed by the following 24 URLs.

http://mirror.preis.de/opera/win/1202/.../Opera_1202_int_Setup.exe

http://get.operamini.com/pub/opera/win/1202/.../Opera_1202_int_Setup.exe

http://dl.cdn.chip.de/downloads/.../Opera_1202_int_Setup.exe

http://www.xn--webbngsz-g1a1kr7b.hu/letoltes/magyar/.../Opera_1202_int_Setup.exe

http://champground.com/opera/win/1202/.../Opera_1202_int_Setup.exe

ftp://opera.vc.ukrtel.net/mirror/opera/win/1202/.../Opera_1202_int_Setup.exe

temp:Opera_1202_int_Setup.exe

http://fs41.filehippo.com/9145/.../Opera_1202_int_Setup.exe