apache-openoffice_setup_download.exe

DownloadGuide

The application apache-openoffice_setup_download.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup program which is used to install the application. During install, it bundles potentially unwanted software on a user's computer at the same time without adequate consent. The file has been seen being downloaded from apache-openoffice.pro.de.
Product:
DownloadGuide

Version:
9.9.9.9

MD5:
66b54f6ce81ee3c400742ee5b40eaa3a

SHA-1:
d95abfcb6a09ab1ea7fae37bdff4683262899074

SHA-256:
20a05394bb2ada9ad6cbda6ed19b1a679aad30036df47544945bde5c5ef05193

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
May bundle additional potentially unwanted software such as adware during setup.

Analysis date:
12/25/2024 6:19:36 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/DownloadGuide (variant)
8.9190

Malwarebytes
PUP.Optional.BundleInstaller.A
v2014.04.07.04

File size:
555.8 KB (569,096 bytes)

Product version:
9.9.9.9

Copyright:
Copyright © 2012

Original file name:
in.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\apache-openoffice_setup_download.exe

File PE Metadata
Compilation timestamp:
11/5/2013 4:44:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:sIB6zWlo4w4qKcHldEmuZOTIqxcVgL5E+AXjd9ELMu7m:sIczAo49cHld1u4IAcS/Ab+Muy

Entry address:
0x6280E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
386.5 KB (395,776 bytes)

The file apache-openoffice_setup_download.exe has been seen being distributed by the following URL.

Remove apache-openoffice_setup_download.exe - Powered by Reason Core Security