adberdr910_ar_ae.exe

NOSSO

This is a setup program used to install the application. The file has been observed being downloaded from ardownload.adobe.com.
Product:
NOSSO(R)

Version:
2.0.0.24

MD5:
26d82a648ba797fdf882ce682e8d43ea

SHA-1:
7bef64a91009f9721210fe6df853c7c45a7bf8e1

SHA-256:
b502fbcc79d00f7782b862b08c53acbc41d0cab3826f549274eba1df33223b97

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 4:49:01 AM UTC  (today)

Scan engine:
Dr.Web

Detection:
Trojan.Uploader.24614

Engine version:
9.0.1.05190

File size:
5.2 MB (5,483,291 bytes)

Product version:
2.0.0.24

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\adberdr910_ar_ae.exe

File PE Metadata
Compilation timestamp:
8/29/2008 5:51:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
98304:ocKR5s8516+X6s1QGc5i1FkCyZWU/iq8bSg6i9q/OCkJpGxjSjyiLBwmlEFpAqeG:or5X3X6s1dc5iksU/iq8utuMksSjyMwH

Entry address:
0x55F61

Entry point:
50, E8, 00, 00, 00, 00, 5B, 81, EB, A2, 01, 00, 00, B9, C5, 6D, 01, 00, 2B, D9, 8B, F3, 81, EB, 00, E0, 03, 00, 8B, FB, 81, EB, 00, 10, 00, 00, 57, 51, 56, E8, 89, FE, FF, FF, 83, C4, 0C, 8B, AB, C0, 00, 00, 00, 8D, 2C, 2B, 4D, 8A, 4D, 00, 80, F9, CC, 74, F7, 83, ED, 09, 8B, D3, 2B, 53, 74, 01, 55, 00, 83, C5, 06, 01, 55, 00, 8D, 50, FC, 2B, 12, 8B, F3, 03, B2, 0C, 01, 00, 00, 8B, BA, 04, 01, 00, 00, B9, 1E, 17, 02, 00, E8, 67, FF, FF, FF, 8B, B2, 80, 00, 00, 00, 52, 03, F3, 8B, 46, 0C, 0B, C0, 74, 43, 03...
 

Entropy:
7.9994  (probably packed)

Code size:
92.4 KB (94,661 bytes)

The file adberdr910_ar_ae.exe has been seen being distributed by the following URL.
