aresregular215_installer.exe

The program is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. The file has been observed being downloaded from dw.uptodown.com and multiple other hosts.

MD5:
29381926d28c70275bf41f1dadad6ad3

SHA-1:
324e49f5448c307af9f3722c4dd2a5d531f6f9fa

SHA-256:
5294d3b105bc0580efea4339a625646f419390532caa26a26e02de5de50ef8eb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 3:52:42 PM UTC

File size:
2.3 MB (2,439,433 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\aresregular215_installer.exe

File PE Metadata
Compilation timestamp:
2/17/2007 1:48:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:bXXFWIrtBR2UXwMTFowGPqWynRbLRlewau1dEHYqnED6:7XFWIrthpuy/Rb1Duva6

Entry address:
0x3154

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 14, 40, 92, 40, 00, 33, F6, C6, 44, 24, 10, 20, FF, 15, 30, 70, 40, 00, 53, FF, 15, 74, 72, 40, 00, A3, F0, F4, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 60, 98, 42, 00, FF, 15, 5C, 71, 40, 00, 68, 30, 92, 40, 00, 68, 40, EC, 42, 00, E8, 31, 28, 00, 00, FF, 15, B4, 70, 40, 00, BF, 00, 50, 43, 00, 50, 57, E8, 1F, 28, 00, 00, 53, FF, 15, 0C, 71, 40, 00, 80, 3D, 00, 50, 43, 00, 22, A3, 40, F4, 42, 00, 8B, C7, 75, 0A...
 
Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file aresregular215_installer.exe has been seen being distributed by the following 24 URLs.

