cleanup40.exe

This is a setup program used to install the application. The file has been seen being downloaded from am4-r1f9-stor05.uploaded.net and multiple other hosts.

MD5:
4060b6c2345c0212d359d592fcad103a

SHA-1:
73637e6ece1c70a8af7a9d0647bf58479dc66482

SHA-256:
7a119c913a90feb1b20b9c1bf382dedb23feb4b4a09833095568141596abef48

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:46:51 AM UTC

File size:
311.3 KB (318,775 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cleanup40.exe

File PE Metadata
Compilation timestamp:
10/6/1999 6:33:39 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
6144:IA0I4GRcV3+RmvwXBYzEdFAiieDH23rgwAHgcN9bjOrPQd28SWejN/xf3OTp:BjFRcsRmIXAJeDH27gwAHlNoQd/J+te9

Entry address:
0x1020

Entry point:
55, 8B, EC, 81, EC, 14, 04, 00, 00, 53, 56, 57, 6A, 00, FF, 15, 08, 41, 40, 00, 68, 00, 50, 40, 00, FF, 15, 04, 41, 40, 00, 85, C0, 74, 29, 6A, 00, A1, 00, 20, 40, 00, 50, FF, 15, 20, 41, 40, 00, 8B, F0, 6A, 06, 56, FF, 15, 1C, 41, 40, 00, 6A, 03, 56, FF, 15, 1C, 41, 40, 00, 33, C0, E9, 0C, 03, 00, 00, 68, 02, 7F, 00, 00, 33, F6, 56, FF, 15, 14, 41, 40, 00, 50, FF, 15, 10, 41, 40, 00, 68, 00, 02, 00, 00, 8D, 85, EC, FD, FF, FF, 50, 56, FF, 15, 00, 41, 40, 00, 56, B8, 00, 00, 00, 80, 50, 8D, 8D, EC, FD, FF...

Entropy:
7.9833

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 KB (2,560 bytes)

The file cleanup40.exe has been discovered within the following program.

Firefox 13 adds and updates several features, such as an updated new tab and home tab page. The updated new tab page is a feature similar to the Speed Dial already present in Opera, Google Chrome, Apple Safari, and Windows Internet Explorer.
www.mozilla.org/firefox
12% remove it

The file cleanup40.exe has been seen being distributed by the following 9 URLs.

http://am4-r1f9-stor05.uploaded.net/.../ebf2f2cc-4c01-405b-bfbd-f64b11f5872a
