465-inst-win7-a.exe

FileCompact

A.I.SOFT,INC.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.brotherdriver.com and multiple other hosts.

Publisher:
A.I.SOFT,INC.

Product:
FileCompact

Description:
ZIP SELFEXTRACT

Version:
4, 0, 0, 0

MD5:
15ef5c9fbc5f2eb6a973620bc406492b

SHA-1:
72a7d5c05d34f437cc3a692b1d0ef3826b65e89e

SHA-256:
7c65ff1419693d74f387f4d45c36ca6190930e826ebefce35f80dba5c13c936f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
12/26/2024 11:58:51 AM UTC

Scan engine:
NANO AntiVirus

Detection:
Trojan.Win32.Huhk.crkkle

Engine version:
0.28.0.57630

File size:
42.6 MB (44,631,506 bytes)

Product version:
4, 0, 0, 0

Copyright:
Copyright (C) A.I.SOFT,INC. 1996-2001

Original file name:
DXZIPSELF.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\465-inst-win7-a.exe

File PE Metadata
Compilation timestamp:
12/4/2001 8:44:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:81GgfS8LnOvsC0lqi6ZJzR4QGGBbKwRgMoG9LS3CErzPCDS4bnwJowyCzyAMIE:81G8LOv4U/4QGGBdROG1OrPPCe4Gb7zQ

Entry address:
0x2B29

Entry point:
55, 8B, EC, 81, EC, 04, 01, 00, 00, 56, 6A, 00, FF, 15, 74, 50, 40, 00, 8D, 8D, FC, FE, FF, FF, 68, 04, 01, 00, 00, 51, 50, A3, 24, 72, 40, 00, FF, 15, 70, 50, 40, 00, FF, 15, 6C, 50, 40, 00, 8B, F0, 8A, 06, 3C, 22, 75, 0E, 8A, 46, 01, 46, 84, C0, 74, 18, 3C, 22, 74, 14, EB, F2, 84, C0, 74, 0E, 3C, 20, 74, 0A, 3C, 09, 74, 06, 8A, 46, 01, 46, EB, EE, 80, 3E, 00, 74, 01, 46, 6A, 00, FF, 15, 00, 51, 40, 00, 8D, 85, FC, FE, FF, FF, 56, 50, E8, 13, 00, 00, 00, 59, 59, FF, 15, 04, 51, 40, 00, 6A, 00, FF, 15, 68...
Developed / compiled with:
Microsoft Visual C++

Code size:
16 KB (16,384 bytes)

The file 465-inst-win7-a.exe has been seen being distributed by 34 URLs.