cwk252_setup.exe

This is a setup and installation application. The file has been seen being downloaded from www.bytesendclear.com and multiple other hosts.
MD5:
f7f1f9b85a39d1e1abd25a53ac95c733

SHA-1:
5ae13135a5af161133fe458a0746ce694423b0f6

SHA-256:
9ab0e8e237d9868f50fb3d8d36c08d9cd5dbf6b222202a6c393c4264f17ada9c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 1:34:27 AM UTC  (today)

Scan engine
Detection
Engine version

SUPERAntiSpyware
Trojan.Agent/Gen-Injector
10660

File size:
832.1 KB (852,038 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cwk252_setup.exe

File PE Metadata
Compilation timestamp:
3/15/2010 7:27:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:qutr5OUBoXNNrmaJ2gMrtbxi55aT6w8dO4SXI3mT7:quXbo/9qbq68ktR

Entry address:
0xA7B1

Entry point:
E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, BE, 2B, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, D0, A7, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 1C, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 1C, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, AF, AC, FF, FF, C3, 55, 8B, EC, 83, EC, 1C, 56, 33, F6, 56, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 40, 22, 41, 00, 85, C0, 74, 21, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 44, 22, 41, 00, 8D, 45, E4...
 
[+]

Code size:
66 KB (67,584 bytes)

The file cwk252_setup.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file cwk252_setup.exe has been seen being distributed by the following 50 URLs.

http://www.bytesendclear.com/NG3NfrBmA0v5o3mU8_5ecSmoKbJhpSc7zHqudhAsTI9w3zqNDMcK6p5BS9jHVJOD22WHqhXj1QkXWVTf0Mz0eX7YB6wXdRd1VBv1fmbaEd78h8WImMaHbdapU0Vs2xWFdjJWMsR1Svmj_ITXZjiZ_r9hDJ9nH4lT5Nn KYRsALF7sYqkuD69_kfftqneaFge2MDLZo73msrk2wnI gh8NXAk3UAW2C49d rxFzGhMHu1CCOEeCEMc8Ka79IuoXtxOFdUvzk2sl4XcVMpX6T91 hcjw67emgQuDV6AorLQVr1lAl8yqjZrpPsbwpe58UelzVnDKXRUvA27yWhkUjQA7xui4GOE2LCLmU3kFnKdr7tCa8BPhJwFCIy5_OHz2jCu1Q7r2AVF78mtm3YS7CaCD0Zs_zdktALgvMF3y5KCwTMuw0fevf4Ms11p1jU Ub 6nmBm3RM tNd9g5RgLMr103T3tdtyaT0IKvTGfsDT ZB PxVJWgpEfNiDoMEiPfguUSFARoMuYIt0_SBQ4kDHVhnuj6PxJKuqY6krSn3 BuVRgnx0ZPHRAtxIwJuup mdKq_YUy9hzB_5DOI9YAwOEcQR HVliqKa3ZPb1lDGEXTe02mHiQ=-G3QAAOR0Tam FXqZAnKTyxUAHiZy4NDSROzy3DDQGyPqyI1QigVY0JZFWTZKDl8s5TUWDbc3lJOzUwOmPvYJ1MC3AN34ekKNc_ 2A3oGbR_Rp954AUyn_VfeekJ8cQ==

http://www.bytesendclear.com/cj Mo0UT2teWTb0qReR6c_BwbtJAr8LojKRWEq6AKNO8TnCdlgLRpjCiXsspLX2W_X8dLmXOcHNoJQrBkgVuVxPkCjmoH9li74VNf5AjWY1OI6UsiJNEZXRaOTMZ6m7o9nHi0uHLFJ38pUOq3tYRLRGKJo99ayzL23BXxSs54LQKP1FvdoBRcA_Q3fbjpnU_dZ3CCMX9vXiXFWBtPp5_hYdrbEYcf6i3pzEtcpN12IWefWKsssaJZ1z8C0Rlvvij_gdFEUyqpmujR7YleM_m4EsS57Etf C1fccLRDIr4NOlB4LOi342OFeltn0FveYSv_Ne9HVjqmt dOs7SuhQMQuc1zl7jURE3QxfjTTZvW6AMu6jAGqfLK8q76hFPXc9P15qPqB98yarmqJhcG3M70kDP_U_ssDNTdv1NfRJlEKJxO6Ey0Fha79BqFfAbC_5CIGgy5lts_0bJrYUCCC75P8k2GOcL3H01HsG6fM 2RYEabLJInjQVF2CRe3wn7XWjSSLUaxrnT6F__zBSzWZIyIucnSx088LjhH JhzQEo5qhcMW24NGf9RoGoAEvahemQbgTVJ UckRKq8MMUWgmJrSkjz ApVRJRRr0lxvm4kZN35F_Gg=-G3QAAOR0Tam FXqZAnKTyxUAHiZy4NDSROzy3DDQGyPqyI1QigVY0JZFWTZKDl8s5TUWDbc3lJOzUwOmPvYJ1MC3AN34ekKNc_ 2A3oGbR_Rp954AUyn_VfeekJ8cQ==

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_OTOWlFKEKx_5-vZEX8E4mTfL7qLu0u6hxeoRMecLhKuF5CKC1tG8lVHylplsB4S8Sye6w__ZVmuV4NS7AhvJxpkipWXjQ-wsHFNP3WBwxtFt3GKK9cPSpss96eShcdMdOG9AaBeTPtnVl8U_hkUwzC&pv=2

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_PCbJHjDf3FWIHW2B4VK9KuUX5PeHyzMHB8rAhvzc_dM6cq1hS1zR-oYfR7_IeiUUMunGm44R18CHYm9lvlqsIqMaUVzELPSJeC1L1g73A2OrTMPW3xk4LwVTVhv60TzHlukMTYwLNTBuaL0rsup6JD&pv=2

http://dpcdn-s11.pl/.../cwk252_setup.exe

http://cdn.goodsoftwarelist.com/c?x=hYdK6DUonz/Exw9kogfY7LYA /Z6TvING6YAsDbIQBw=&c=W443zFMRieLQ75RLqOowEMXqFSLRBEA0re51e8DvXGaKnROnwGLPoKs7WZAe8VLjJJLUYjMVVb1WoFbJtzp0 sxbspXewH8GM3a c46uNnVORcXh5tzl7eFYdWrLTJPuQ20E3j04V7mvK0P9vMXzjQ==&fallback_url=http://storage.dobreprogramy.pl/.../cwk252_setup.exe&downloadAs=Czasowy-Wylacznik-Komputera(12320)-dp.exe

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_NFklZnJEORoEkO2yyoXDP5NaNELdJ7OTVmmgEhD-vzL9ca9QzhSufKEq0QhBIBUuNjxQB1IIUFzmdwZV2IxlNbVPkCdUnRqoFZRy1-Rsd96DCoRMu1NefsGzWxbZfWoZ81UWVfiU0oVasXksOasr7wq8mPMlUfdwoK8d_9_Gs-wajD62tN0ltWDE6GBOEBToc&pv=2

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsalyXgVkk-TwmcVeE_-N_GmzLzeXB7cBrb8owitdh8oxd5cxtEbS1U293AZmev5E3oB07EiFyG6HXHrqHfKUuBxxUCd2fadkLnifkkiShhn2151o9vmwKIZym9CpzJwAWu92UGrlYr3wAz8GMuze1hqis&pv=2

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_NNIv4PF0Lg--4pYAA5YPB5B3Z5DibQdw0YBZGTlgTZs7AqlbLOAoHKfa3HXBMG9CW4cexc_2HIy5RtRpCn4RCkGGiHyuNFnvokdEWclXMpMsyQEXwqWU_9gFGODQS-SEIMqwrIZQK1GTDyzYcHY9-V&pv=2

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_Ohx03vKCetXqiE1yn1HHoByxZk013bzKfNjs2R22vq5hGWm6mfO1-mRq7BYPyioGxwSuj9VYVVFOvk_hRmMmmIxZ1MvJpr9xxrAC9jCLrNZ03C6SQxBdvJNtO9Oy3MceTVN6-OKUo7IKAGLzVfQKKD&pv=2

http://dpcdn-s11x.pl/.../cwk252_setup.exe

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_OMKxWKNi2PHpkyOaa-nbxY2KljPvsX8UQq3FthmDR3bmjeMF_qQzGYidsapwrAO-vjZbojIeUhBGlBMgjI93cu172GXhKqFXdQQZ7wq7JC5VwFISaWT2rBYtoJiH_QIvwDgUkTk-WPb8Grmheyi2wk&pv=2

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_MPG92t-QDpXtlSGxwfZDQ2SMH537fcncaW0f_I6T4w65uqDZbsnEhFAd4WbvBwtgBvDB1y6zUV7LhbSdy24ID_BDmyeYUTGsDORTEtU895ZkatI2RCq8oVjfhMKyKoIg1ljZWtGYWYZanoD6suCqZP&pv=2

http://www.bytesendclear.com/WVl6OTRQU1V5Um5WME5tcEdaamxFVEhjNGRXaFNTMjR5TkdNelFqUlNSMHd6TWt4dFdqTmhiR0p6UlhSSFdIcEdkeVV6UkNabFBURW1ZejFYUTNVNFdYTjVlbnBuYVhwU05WcDBTWE15TmlVeVFteERKVEpHWWpaNVdIZEhWRXhKWTJsMk5ubEVSVUZtYTFnek4yVjRlRE4yU0djbE1rSTJRbTFYWXpWeU1qWTJiM1UxVlNVeVJqbHdOMHBwVm5veFpuUkViRGQ1Vmt0d2VUZEdUMFprY1ZFd1YzSllabTVpTkd0cWNWbDBaMFJwUkZaTlkwWlZUblpuYW1kTFlYVktPV3N3ZWtab1REWjNkeVV5Um1FbE1rWnpaV1ZSWlhGa1YxWk9WSGNsTTBRbE0wUW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMkVsTW1ZbE1tWm1hV3hsY3kxa2IzZHViRzloWkM1d2IzSmhaRzVwYTJSdlozSjVMbkJzSlRKbVFXdGpaWE52Y21saFNVNWhjbnBsWkhwcFlTVXlaa0YxZEc5dFlYUjVlbUZqYW1GUWNtRmplU1V5WmtONllYTnZkM2xYZVd4aFkzcHVhV3RMYjIxd2RYUmxjbUVsTW1aamQydGZjMlYwZFhBdVpYaGxKbVJ2ZDI1c2IyRmtRWE05UTNwaGMyOTNlU3RYZVNWak5TVTRNaVZqTkNVNE5XTjZibWxySzB0dmJYQjFkR1Z5WVNzb1ExZExLU3N5TGpVeUxtVjRaUT09

http://dpcdn-s11q.pl/.../cwk252_setup.exe

http://s6995.chomikuj.pl/File.aspx?e=85mc05-FgI7NBMyQwNsal-fqedUv3_BCPp1huUeRh_OaHs50P6Ygjdj0D-RoZMpEPCzoKntE1MYi2YiMgcCy4-iEcP51LyxwqqdO0yny02Ko0QX5QSWYV_0lKs30Tc5Dxsi3o4hLVUQwb_LdKcrr60vvuXzDKtfHQIJMdv71wM3wZPU8r69p0gbUbpJ3tyWV&pv=2

http://178.33.48.31/programy/.../cwk252(programy.net.pl).exe

Latest 30 of 56 download URLs

Scan cwk252_setup.exe - Powered by Reason Core Security