home

c96setup.exe

This is a setup and installation application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from download.siebernet.de.
MD5:
66783732393500170a3c9bd792bc6661

SHA-1:
30c6b437c3c0c18311f88ebbd2b812d5aaf08b6c

SHA-256:
8cb10b59c4575b969f28c5e0529bb48e6a3feb234aa3b8d78827c121c1ef2bc8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 8:01:38 PM UTC  (today)

File size:
2 MB (2,058,263 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\syntrilliumcooledit notwin7 et setupjmk\c96setup.exe

File PE Metadata
OS version:
77.10462

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
2.0

CTPH (ssdeep):
49152:MD2cS8cawo2PXefUFkd1zf1F5E1d+EwpaaMPd6v2KGLcDHOE/l:89cawo2mfUFu1z9F5eddQaLguKycDuC

Entry address:
0xA0009A

Entry point:
4D, 5A, 9A, 00, 03, 00, 03, 00, 20, 00, 00, 00, FF, FF, 48, 00, FF, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 01, 00, FB, 30, 6A, 72, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, AA, 01, 00, 00, AE, 01, 00, 00, B2, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9989  (probably packed)

Code size:
192 KB (196,610 bytes)

Scheduled Task
Task name:
{071BB70E-DC94-4A0B-A794-7D01A0E257F8}

Trigger:
Registration (Runs on registration)


The file c96setup.exe has been seen being distributed by the following URL.

http://download.siebernet.de/2015-sw/audio/.../cooled96.exe

Scan c96setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.