» 13-9_win7_win8_32_dd_ccc_whql.exe
Overview
Analysis
File Details
Downloads (34)

13-9_win7_win8_32_dd_ccc_whql.exe

CATALYST 13-9

ATI Technologies ULC

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from d2.driverscollection.com and multiple other hosts.

File name:

13-9_win7_win8_32_dd_ccc_whql.exe

Publisher:

Advanced Micro Devices, Inc. (signed by ATI Technologies ULC)

Product:

CATALYST 13-9

Description:

13-9_win7_win8_32_dd_ccc_whql

Version:

0309

MD5:

9a4fda36e1b4d306e05005ea7cb4b304

SHA-1:

87a3143c23aa5e5766c8e86cbb9950c4fa804994

SHA-256:

93387f007519c56f2b6559feb6b65005bd683fe9324a15320af0370415a15240

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/27/2024 9:52:17 AM UTC (today)

File size:

149.4 MB (156,676,640 bytes)

Advanced Micro Devices, Inc.

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\13-9_win7_win8_32_dd_ccc_whql.exe

Digital Signature

Signed by:

ATI Technologies ULC

Authority:

VeriSign, Inc.

Valid from:

12/13/2011 1:00:00 AM

Valid to:

1/9/2015 12:59:59 AM

Subject:

CN=ATI Technologies ULC, OU=Product Deployment, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ATI Technologies ULC, L=Markham, S=Ontario, C=CA

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

67E18A6937AE14C8BBB829BE916650FF

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

3145728:L+xLF0TVUfoASD/WVdkSjobmsUQC0mjN6QbsiZSJCwkqUulhakN6nJomOTBzZVXe:L9ASSES86RQCoYsiZwCwnUsJoomaNZVO

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file 13-9_win7_win8_32_dd_ccc_whql.exe has been seen being distributed by the following 34 URLs.

https://d2.driverscollection.com/1036a9c10ae/707a7b17198ec7dcdfa57bf8a71487c5fd63385b5a83aa8d2b802e1e5b0ea3495b6259de5413c1150fa49d280ff6ad5c5893b580/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://filehippo.com/download/file/.../

http://ftp-stahuj.centrum.cz/dl/edc59e462abcc64c9044e0b01a179667/57fa5c8e/stahuj/download/software/secured/a/ati-catalyst/139/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driver.ru/1032dcfe99b/71c8a30cb4a1b8ecc4975ddf3dee9ab64103de2e09d6640b19a86a70eb874e7cac779951164982dcaa75472cd8fa42635820c77e/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/6e9cafb821cc/0166563f9c3adfa46079c63e8cc6948c60705fd81a7150466ae6eb43f3b11d04b282724668f5e01d7c35bb1de819089e561eff91/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/1b015b14df35ada/93f5dc45e232a56d299bbffceb239c0d351846e89f3f623cc5b1e4de3b42574e675ca1df011368e2f7dcf4a4e3dabdc457c8116f/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/2b355fc4057a31/8c43fb1fdd64eddc5065bf7ba9d9db3713242f13b65fbe2f12ddd1869839b1973b4001eb5303953a739ae61f3188bc6b57f4fd5c/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://filehippo.com/download/file/.../

https://d2.driverscollection.com/1d39c9f1ed970f6/1dd378890d5bdbeee7bf9a78db3734e7a46dd69fadd0af5674b5b9a39c98935cf1ea3cd5f17b3dd63916809a5b787096581e6875/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/2b355f94365f97/4cb4e6c9ca27388810bf8508172176986e0d4bc66ea9828e9347c2247e28693642227a9b330ab0389fb408dfbd083cf757521dad/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/1247ac87fd58159c/ce4c86f82fd39a74f25ffa7912cc3c462d121675bd93c840e285fb15b3e41dc29d8eb4944d4c4ba86c4911b54adca6895799c7bf/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://d2.driverscollection.com/4522060501ae7/4840a897944535090f38aec6a47995558eb1b44120cceced4d5cd325514fc243b89d91ae216689df990fd84e2b61a09e53f39940/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://ftp-stahuj.centrum.cz/dl/314debbeffa07543cf1dd3ed1a032e8a/57e92315/stahuj/download/software/secured/a/ati-catalyst/139/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://filehippo.com/download/file/.../

http://d2.driverscollection.com/45137693708d6/6bfee8761fe39282c7bf1684374418081fb3f213b450d69d60faddf5748519767dc54476993798011e6f24827905ab3553f5e70b/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

https://d2.driverscollection.com/1247ac8715c809d0/8d24a4c16846c27730ef22db81268e21e64aa1c8827002b5f3c87778d1265742a8dbc098ca70e38ecb8400a4d749be3056dfac18/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/2ec2dca8abd88a/90e9191cb5d331fd65046a0594d8e63327f8ec8d636736282c1b62c8fa71d0fcf2f1d2a28ee1c7635f4ec34e7750d92d574d3bec/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/6e8591e83bd2/5e877ced96aa56ee6aa3100d0bb52db6e313aac81c2827cbaf7779cd963f1284db602cbf3ca7c26dd24c15d04f3232fd54ac24ee/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/2b355e34052cf2/ed629a13afead2d5054789d8a59e395077f40144d9a9c96049ca216aa64de1e5bcb4fc06a7ce13fa55b1a746d8f8ecaf56a73d45/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/6e857b75d1da/846fac3dd7b538836c9b9f701dcb5fd3b9731d6eb48c8e9d39696f4b32cc19531522e2c7c4cbf3b87fa50c4853e8bcd555dc5ccc/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://atherosdrivers.blob.core.windows.net/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/1d39c9dadf45ab5/d23f0cf772999c0a956535a6f6a6b4ce83f545c43458a61a103fda4f55ac7f0e7f54a5d6113a061247f95b9b924a862c5557ea02/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driverscollection.com/4521f5fb92391/6615a3d34c730ba5f53227791c2c93b9b3423244abd68ede583c3cf5d9f37cd7c43939faa2b3e795323abdce755af42856bc8ed0/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

https://d2.driver.ru/4522083cd8222/27b9d62ef011874c0aa90364b0e67923f203b636acbaff273bfad300c8c0474a4a9ca9c9c226167fcb0219344dd300f8568ff29e/3/15/1/.../13-9_win7_win8_32_dd_ccc_whql.exe

http://www.filehippo.com/download/file/.../

Latest 30 of 34 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.