» 17194472_setup.exe
Overview
Analysis
File Details
Downloads (121)

17194472_setup.exe

DR Download Manager

Digital River, Inc.

This is a setup and installation application. The file has been seen being downloaded from www2.buyoffice.microsoft.com and multiple other hosts.

File name:

17194472_setup.exe

Publisher:

Solid State Networks (signed by Digital River, Inc.)

Product:

DR Download Manager

Version:

3.2.3.4

MD5:

01b8f52c5534aefeafbf28e143038343

SHA-1:

dc2d539028f9e33161cb83a759e4b12b5da6bc09

SHA-256:

2a995e8f2591cdf8e8c16ec403f288d4188a8cf9435ac52d1a82c9e230d225c9

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

1/12/2025 8:48:15 PM UTC (today)

File size:

2.5 MB (2,574,064 bytes)

Product version:

3.2.3.4

Digital River

Original file name:

host.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\17194472_setup.exe

Digital Signature

Signed by:

Digital River, Inc.

Authority:

VeriSign, Inc.

Valid from:

11/10/2009 7:00:00 AM

Valid to:

11/10/2012 6:59:59 AM

Subject:

CN="Digital River, Inc.", OU=IS, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Digital River, Inc.", L=Eden Prairie, S=Minnesota, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

0DC5FA3D4CA8C646A9394CFE5DF99432

File PE Metadata

Compilation timestamp:

5/26/2012 1:30:56 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:aTRM4nA3NvTS7zL9aPhxTA2kXk51HU33Ho11NL5nSnoE19vFVkG0yiFp77NTQ1qH:6MvN+v0PTTXWk5103Xo11NknoErsG0ys

Entry address:

0x3FA49

Entry point:

E8, E2, 24, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 38, 8A, 46, 00, 89, 0D, 34, 8A, 46, 00, 89, 15, 30, 8A, 46, 00, 89, 1D, 2C, 8A, 46, 00, 89, 35, 28, 8A, 46, 00, 89, 3D, 24, 8A, 46, 00, 66, 8C, 15, 50, 8A, 46, 00, 66, 8C, 0D, 44, 8A, 46, 00, 66, 8C, 1D, 20, 8A, 46, 00, 66, 8C, 05, 1C, 8A, 46, 00, 66, 8C, 25, 18, 8A, 46, 00, 66, 8C, 2D, 14, 8A, 46, 00, 9C, 8F, 05, 48, 8A, 46, 00, 8B, 45, 00, A3, 3C, 8A, 46, 00, 8B, 45, 04, A3, 40, 8A, 46, 00, 8D, 45, 08, A3, 4C, 8A, 46... 
[+]

Code size:

333.5 KB (341,504 bytes)

The file 17194472_setup.exe has been seen being distributed by the following 50 URLs.

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-2100970172&culture=en-us&receipt_id=861166634&local_only=true

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=180455808&culture=en-us&receipt_id=861491810&local_only=true

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?local_only=true&receipt_id=444765614&culture=en-GB

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-2028524587&culture=en-us&receipt_id=861331597&local_only=true

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=741348287&culture=en-us&receipt_id=861798837&local_only=true

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1447528088&local_only=true&receipt_id=572958964&culture=en-us

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-458510460&local_only=true&receipt_id=807678165&culture=en-us

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=199234536&culture=en-us&receipt_id=861991118&local_only=true

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?local_only=true&receipt_id=543755945&culture=pt-br

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?culture=pt-BR&receipt_id=861945164&local_only=true

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-2041372452&local_only=true&receipt_id=573615307&culture=fi-fi

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1644134616&local_only=true&receipt_id=543857150&culture=en-us

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-652067408&culture=en-us&receipt_id=861611201&local_only=true

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1158656611&local_only=true&receipt_id=573617906&culture=fr-FR

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=851063740&culture=en-US&receipt_id=861575029&local_only=true

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1537508549&local_only=true&receipt_id=543455476&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-851280582&local_only=true&receipt_id=573233573&culture=en-GB

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-148577392&culture=en-us&receipt_id=861689039&local_only=true

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-450659111&local_only=true&receipt_id=573681335&culture=es-mx

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1107610433&local_only=true&receipt_id=807605842&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-698707572&local_only=true&receipt_id=573063777&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-807276303&local_only=true&receipt_id=572732628&culture=pl-pl

https://www20.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=1568182645&local_only=true&receipt_id=310002198&culture=en-us

http://download2.rada.vn/Data/Soft/2010/08/.../Office2010_en-us.exe

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1204853014&local_only=true&receipt_id=544595146&culture=pl-PL

https://www20.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=928350593&local_only=true&receipt_id=110501556&culture=pl-pl

https://www1.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1944925817&local_only=true&receipt_id=211996007&culture=en-US

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1398656737&local_only=true&receipt_id=445177079&culture=de-DE

https://www2.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=-1901235607&local_only=true&receipt_id=808110119&culture=en-us

https://www7.buyoffice.microsoft.com/.../dlmdownloader.aspx?cache=349978675&unit_id=545074785&receipt_id=544392688&culture=de-DE

Latest 30 of 121 download URLs

Scan 17194472_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.