aimp3.exe

Artem Izmaylov

This is a setup program which is used to install the application. The file has been seen being downloaded from www.afterdawn.com and multiple other hosts a known adware distribution point operated by AfterDawn.
Publisher:
Artem Izmaylov  (signed and verified)

MD5:
45a3aa43696b8e26d318b2d25bcd4d9f

SHA-1:
e517fe3f55857345a47aa271b4cb2c86b3536b7d

SHA-256:
d2d6f005a3549671ee93e6bddc4f21cfb3b945d4a6326e739f3c2c84d940322d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 12:34:20 PM UTC  (today)

File size:
7.2 MB (7,547,200 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\soft\aimp3.exe

Digital Signature
Signed by:

Authority:
StartCom Ltd.

Valid from:
11/6/2012 6:28:30 PM

Valid to:
11/8/2014 12:36:54 AM

Subject:
E=artem@aimp.ru, CN=Artem Izmaylov, L=Tula, S=Tula Oblast, C=RU, Description=N0TtN9z9A3cgEBOy

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
07ED

File PE Metadata
Compilation timestamp:
5/17/2012 11:46:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:kL0yGAGbPJNCD1IcV3TcRij+O5Cou9B1LYy1LI+:kLozbPC55Jc4jiosLYy1LD

Entry address:
0x12C2F

Entry point:
55, 8B, EC, 6A, FF, 68, 78, 5C, 41, 00, 68, C0, 2D, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, A0, 41, 41, 00, 59, 83, 0D, 44, A9, 41, 00, FF, 83, 0D, 48, A9, 41, 00, FF, FF, 15, A4, 41, 41, 00, 8B, 0D, 3C, 89, 41, 00, 89, 08, FF, 15, A8, 41, 41, 00, 8B, 0D, 38, 89, 41, 00, 89, 08, A1, AC, 41, 41, 00, 8B, 00, A3, 40, A9, 41, 00, E8, 1D, 01, 00, 00, 39, 1D, 30, 87, 41, 00, 75, 0C, 68, B8, 2D, 41, 00, FF, 15, B0, 41...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
72.5 KB (74,240 bytes)

The file aimp3.exe has been discovered within the following program.

AIMP3  by AIMP DevTeam
AIMP is a free audio player for Windows. In version 3, AIMP got its own audio engine, and full support for ReplayGain was added. Also, the music library interface was revamped, with new transparency effects.
www.aimp.ru
1% remove it
 
Powered by Should I Remove It?

The file aimp3.exe has been seen being distributed by the following 30 URLs.

http://www.afterdawn.com/software/.../download.cfm?version_id=63921&software_id=2070&mirror_id=0&installer=0&perion=0

http://205.196.121.198/s58fzqttlsyg/.../aimp_3.50.1277.exe

http://s6193.chomikuj.pl/File.aspx?e=UpI4hpqfITq7kArkvL6eKk7kfmI4zMa4c-LHj8Ux6HKNaAEOrIB1RhMImw3jD5SAjVou7f21R4uhztnGdojBiyJyLw0g4RVUyjM2kJ25yVCwbagD4g6e47bUNOeP9Iesa9S7HN0t7DrhKOaj_x3zQerwQyn4Dx_Fvihg77R_UISTszDvb0ejVDkBq1nQFVaz&pv=2

http://biblprog.org.ua/go.php?site=http://files.biblprog.org.ua/soft/A/.../aimp_3.50.1277.exe

http://i.download.idg.pl/fannef/516ccd0d9a090a3529b71c1eea668567/57f6a13d//vol2/w95/odtwarzacze-multimedialne/.../aimp_3.50.1277.exe

Latest 30 of 30 download URLs

Scan aimp3.exe - Powered by Reason Core Security