» cxpbootstrap-native-win-1.1.0.exe
Overview
Analysis
File Details
Downloads (19)

cxpbootstrap-native-win-1.1.0.exe

cXPBootstrap

CaveXP

This is a setup program which is used to install the application. The file has been seen being downloaded from cloclo28.cldmail.ru and multiple other hosts.

File name:

Publisher:

CaveXP

Product:

cXPBootstrap

Description:

Лаунчер для игры в Minecraft на игровых серверах CaveXP

Version:

1.1.0

MD5:

766d5e442cafb0810570b281b69a7a4f

SHA-1:

891945297d9416962e9e2545d366b403511014ac

SHA-256:

291e69bd388f963595c2de687a288a6e15c4067e9d2bf35deacc2cf907da86f4

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 7:58:35 AM UTC (today)

File size:

57.7 MB (60,492,817 bytes)

Product version:

1.1.0

Original file name:

cxpbootstrap-native-win.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\cxpbootstrap-native-win-1.1.0.exe

File PE Metadata

Compilation timestamp:

2/8/2016 6:06:53 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

14.0

CTPH (ssdeep):

786432:UwOVGM4q2xlL5bGn29sy/UAB/93dqD+jUfxevtbBO6PbCqqC63aIzhGx3z9BO7vy:Ut8lagsK3EDmGx8tB2Jzhq3u7vxbyABW

Entry address:

0x31E0F

Entry point:

E8, 9F, 05, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, F6, 45, 08, 01, 56, 8B, F1, C7, 06, B0, A5, 44, 00, 74, 0A, 6A, 0C, 56, E8, 5A, FB, FF, FF, 59, 59, 8B, C6, 5E, 5D, C2, 04, 00, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, CA, 06, 00, 00, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, B4, 06, 00, 00, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 53, 56, 6A, 17, E8, 40, 6F, 01, 00, 85, C0, 74, 05, 8B, 4D, 08, CD, 29, 33, F6, 8D, 85, DC, FC, FF, FF... 
[+]

Code size:

292 KB (299,008 bytes)

The file cxpbootstrap-native-win-1.1.0.exe has been seen being distributed by the following 19 URLs.

https://cloclo28.cldmail.ru/dznUSVMHYt5MFBUPJbR/G/.../t5NFWU6YN?key=d8f850fb2adb6b3a6fcbf157b298d68de1e929d2

https://cloclo16.cldmail.ru/p7VMoLeesoB4R9KQ87w/G/.../t5NFWU6YN?key=ad9971de11cff6ecad441a18b50f64c0142669f6

https://cloclo37.cldmail.ru/F7TcmTsuFeEfGmn4efa/G/.../t5NFWU6YN?key=f7957a6ed0851146be200fae7168005c64a2b0f0

https://cloclo14.cldmail.ru/HWDLrVu4gkEyUstufBE/G/.../t5NFWU6YN?key=abd485cef38f099da12949dc52aac89c8b741935

https://cloclo9.cldmail.ru/2eZV1mHs7dQK8N7aUcMx/G/.../t5NFWU6YN?key=8ba1c8a2f9359307e82703900dcc24e8d93bb9af

https://cloclo22.cldmail.ru/CBw9caJqqpDjXuv6Vww/G/.../t5NFWU6YN?key=a12f17cadc9fa188ab63c41c8f870ac3ffd4faad

https://cloclo25.cldmail.ru/Vq1361rp1maHVZNEuNL/G/.../t5NFWU6YN?key=1da75b6356544027291d07b3364ddafab3e51fde

https://cloclo2.cldmail.ru/9ehrhgq6scRL7KNeWcJ/G/.../t5NFWU6YN?key=07dd36aefd1f193734c80fe39364f037145eefba

https://cloclo37.cldmail.ru/LUaRBYfR1KaFja2xwWE/G/.../t5NFWU6YN?key=aed546b4e90459311354c70820d01c83d08c892b

https://cloclo25.cldmail.ru/2oMEYBhN9c5Sq8uD9n4o/G/.../t5NFWU6YN?key=a2f486af36ad3102b26ec1ad3ebd348a1d057579

https://cloclo9.cldmail.ru/2tx5FdXZ5dq3SVf65zQG/G/.../t5NFWU6YN?key=7de27ee9957b04e2401a266fd9884845547c86b4

https://cloclo40.cldmail.ru/2tdY4Cj9YL8TgyE3DR5U/G/.../t5NFWU6YN?key=4a8d717d0044ee9b3ee6e31b3bf99b6cc1bb8e57

https://cloclo3.cldmail.ru/2jt7o49TUo51je3JMBmR/G/.../t5NFWU6YN?key=9458885f46f12f357a343042cae53d541033fb68

https://cloclo39.cldmail.ru/vrmmkWEFxsC7pnQfFLH/G/.../t5NFWU6YN?key=33c378a41a27be8d94ff068c0ca44708604ecbef

https://cloclo2.cldmail.ru/2cdg43CP5wdCsQgfYKj7/G/.../t5NFWU6YN?key=057372b5d3335699bc18fe6cc82705c6ccdfff63

https://cloclo14.cldmail.ru/5qW2gXJbwpHbNtku1En/G/.../t5NFWU6YN?key=2b66a8b89a420a5ec031b1e13d7ec51676f82338

https://cloclo37.cldmail.ru/5ErJ3HPpRP8Tpe5FcZX/G/.../t5NFWU6YN?key=87473c0e53cc14125bd3e1c3698218092e751c1e

https://cloclo20.cldmail.ru/26FR4GoVdq9TAGXXXcSf/G/.../t5NFWU6YN?key=36432964055cb11df9da63553db47796bbd5030a

https://cloclo27.cldmail.ru/G5gKL4oRfJzkkP8Gu9x/G/.../t5NFWU6YN?key=efb4011d61834cdb294be881fe18e4cdb0a10edd

Scan cxpbootstrap-native-win-1.1.0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.