bitdefender_antivirus_2016-fr.exe

Bitdefender SRL

This is a setup program which is used to install the application. The file has been seen being downloaded from api.eptimum.com and multiple other hosts.
Publisher:
Bitdefender SRL  (signed and verified)

MD5:
259afbfe92467de39617e7ca5a38e94a

SHA-1:
def08fbbb6fc81d4f3af51a090783cb5b7566b01

SHA-256:
347486acf44a88328cfb4517a224fb6004db9f919ccb91d671901470c9c5c8a3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 7:12:33 AM UTC  (today)

File size:
6.1 MB (6,394,152 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\bitdefender_antivirus_2016-fr.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/10/2013 1:00:00 AM

Valid to:
2/9/2016 12:59:59 AM

Subject:
CN=Bitdefender SRL, OU=PD, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Bitdefender SRL, L=Bucharest, S=Romania, C=RO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
760F109D9232322C280EF2C2D3F2B953

File PE Metadata
Compilation timestamp:
6/6/2014 1:29:14 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:RjL6dJj3QGxOCBRQUXxM1xXzpwd2lZeHCmbFv8hKV6wnNsp/tT2mQl1CJtx:9L6dxQGPQUXS19zvlZeiS8h/jTWl18

Entry address:
0x1D41B

Entry point:
E8, 5D, 64, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 7A, FC, FF, FF, C7, 06, F0, B1, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, F0, B1, 42, 00, E9, 2F, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, F0, B1, 42, 00, E8, 1C, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 86, C9, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08...
 
[+]

Code size:
161.5 KB (165,376 bytes)

The file bitdefender_antivirus_2016-fr.exe has been seen being distributed by the following 42 URLs.

http://api.eptimum.com/.../download.php?cmd=BC-3375946&pass=6WVG99C9&fichid=47055

https://www.comment-supprimer.com/?file=0&did=95074&vp_edd_act=download&expire=MTQ2MTQzNzI3OA==

http://api.eptimum.com/.../download.php?cmd=BC-3014032&pass=6FF3UGE5&fichid=46681&_ga=1.245246021.1986159734.1445172179

http://api.eptimum.com/.../download.php?cmd=BC-3564739&pass=GKVLP697&fichid=47055&_ga=1.228287581.1563253284.1466783267

http://api.eptimum.com/.../download.php?cmd=BC-3181015&pass=5RM36H79&fichid=47055&_ga=1.205078808.982824097.1452102629

http://api.eptimum.com/.../download.php?cmd=BC-3589974&pass=Y6UWD9DH&fichid=47055&_ga=1.171523360.1875465663.1468048645

http://api.eptimum.com/.../download.php?cmd=BC-3053728&pass=5TG936W7&fichid=47055&_ga=1.81112734.884991299.1455664376

http://api.eptimum.com/.../download.php?cmd=BC-3646610&pass=2Y5TQ4CU&fichid=47055&_ga=1.220723408.995216275.1471075450

http://api.eptimum.com/.../download.php?cmd=BC-3713476&pass=XX56W5U4&fichid=47055&_ga=1.48877156.318331382.1474036592

http://api.eptimum.com/.../download.php?cmd=BC-3494019&pass=97L2C66L&fichid=46681&_ga=1.138701107.1244591887.1463210000

http://api.eptimum.com/.../download.php?cmd=BC-3128553&pass=9HN9WJ77&fichid=47055&_ga=1.95955034.718244859.1449562456

http://api.eptimum.com/.../download.php?cmd=BC-3449686&pass=73479VZU&fichid=46691&_ga=1.94390044.1665095236.1470231419

http://api.eptimum.com/.../download.php?cmd=BC-3527727&pass=H45N534Q&fichid=47055&_ga=1.211221590.2118795163.1473589245

http://api.eptimum.com/.../download.php?cmd=BC-3710515&pass=2CW46UNK&fichid=47060&_ga=1.42592301.928632460.1473920667

Latest 30 of 42 download URLs