428361_setup.exe

IrfanView Installer

Irfan Skiljan

This is a setup and installation application. This is installed with IrfanView (remove only). The file has been seen being downloaded from programy.57.pl and multiple other hosts.
Publisher:
Irfan Skiljan  (signed and verified)

Product:
IrfanView Installer

Version:
4.36

MD5:
1afab6ee6f3ea3456e8f5560cd28dca2

SHA-1:
86ea677562e4538a717cf3ff6def21b27d9e2ca9

SHA-256:
f8cdf57980e2c1839d61d2edc219ed49ab163a8c1298c4b32e559215e5ab2f11

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 3:39:39 PM UTC  (today)

File size:
1.8 MB (1,855,072 bytes)

Product version:
4.36

Copyright:
Copyright © 2013 by Irfan Skiljan, Austria

Original file name:
iview436_setup.exe

File type:
Executable application (Win64 EXE)

Language:
Niemiecki (Austria)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\428361_setup.exe

Digital Signature
Signed by:

Subject:
CN=Irfan Skiljan, O=Irfan Skiljan, STREET=Postfach 48, L=Wiener Neustadt, S=NOE, PostalCode=2700, C=AT

Serial number:
7163F67568A1E8577394D7EE0780BBB4

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
49152:zOpFT4FWNgy1A+Q6DQGjiKhf10zaTgdz/X81JK83HXJ:zOcFWNgs9JQeFZ10zaTgdz/81Jv3Z

Entry point:
60, BE, 00, A0, 48, 00, 8D, BE, 00, 70, F7, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.7939

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

The file 428361_setup.exe has been discovered within the following program.

IrfanView (remove only)  by Irfan Skiljan
IrfanView is a image viewer for Microsoft Windows that can view, edit, and convert image files and play video/audio files.
www.irfanview.com
2% remove it
 
Powered by Should I Remove It?

The file 428361_setup.exe has been seen being distributed by the following 50 URLs.

http://programy.57.pl/pobierz.php?id=65&jak=serwer

http://188.138.75.46/.../iview436_setup.exe

http://download1us.softpedia.com/dl/1aec4a0049cafa0795c9963b202e93b6/527c0897/100004445/software/multimedia/.../iview436_setup.exe

http://soft.archive2.clubic.com/files/f31c4f52ddf0863fcfd7daa54a72428f/52ad77fa/.../irfanview_4-36_fr_9523.exe

http://www.slunecnice.cz/sw/irfanview/stahnout/.../?m=102f0f81c3f73b4ea95b57a63592722e&t=52557e95

ftp://194.102.77.7/.../iview436_setup.exe

http://softmania.sk/download/prehliadace-fotografii/irfanview/6lvmb0j4097ei2a8pf2fur72o3/.../irfanview_4.36.exe

http://www.filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

temp:iview436_setup2.exe

Latest 30 of 102 download URLs

Scan 428361_setup.exe - Powered by Reason Core Security