cyberlink_powerdirector_downlo.exe

CLDownloader

CyberLink Corp.

Publisher:
CyberLink  (signed by CyberLink Corp.)

Product:
CLDownloader

Description:
CyberLink Downloader

Version:
2.9.1.5621

MD5:
9ce032f2d8a1ce38cf3f7a58fa77ec78

SHA-1:
bf0b826b9014ad3ed985fec19096fcb11bc2800e

SHA-256:
ddfda523f281906bb9057833f55c4508e1e4f3f55ebb8d40399f600e94dede79

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 1:51:44 AM UTC  (today)

File size:
1.2 MB (1,299,304 bytes)

Product version:
2.9.1.5621

Copyright:
Copyright (C) CyberLink Corporation. All rights reserved

Original file name:
CLDownloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\idm\dwnldata\eudes_is_back\cyberlink_powerdirector_downlo_245\cyberlink_powerdirector_downlo.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/15/2012 4:00:00 PM

Valid to:
4/12/2015 4:59:59 PM

Subject:
CN=CyberLink Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CyberLink Corp., L=New Taipei City, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
799AC3976095546D05DE5395166BFF83

File PE Metadata
Compilation timestamp:
8/20/2014 10:39:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:L2XAJ0rCcVPLe00uwmI+BM4FqkXvLZOx6rjKEYLIeaWU:LJbIm+249/LoqjKtiH

Entry address:
0x8D44B

Entry point:
E8, BE, B1, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 10, 75, 20, E8, D4, 2B, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 1F, D5, FF, FF, 83, C4, 14, 83, C8, FF, E9, A1, 00, 00, 00, 8B, 45, 0C, 3B, C3, 56, 8B, 75, 08, 74, 21, 3B, F3, 75, 1D, E8, A5, 2B, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, F0, D4, FF, FF, 83, C4, 14, 83, C8, FF, EB, 74, 3D, FF, FF, FF, 3F, C7, 45, EC, 42, 00, 00, 00, 89, 75, E8, 89, 75, E0, 76, 09, C7, 45, E4, FF, FF, FF, 7F, EB...
 
[+]

Entropy:
7.1022

Code size:
660 KB (675,840 bytes)

The file cyberlink_powerdirector_downlo.exe has been seen being distributed by the following 25 URLs.

http://gsf-cf.softonic.com/d83/009/.../CyberLink_PowerDirector_Downloader.exe

http://low.software.dn.naver.com/f4b6ad4977ab8009690176bd4ebbf8c8/.../CyberLink_PowerDirector_13.exe

&onid=13631&oid=3001-13631_4-10483012&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=video/editing-production&topicbrcrm=windows software&pid=13816152&mfgid=83867&merid=83867&ctype=dm&cval=NONE&devicetype=desktop&pguid=29c698a56fcbdc50d0098637&viewguid=Q-tTmMCWtImSTkVkRkm2kuJcx0ZjrmKcvEbj&destUrl=http://software-files-a.cnet.com/s/software/13/81/61/.../CyberLink_PowerDirector_Downloader.exe

http://cyberlink-powerdirector.soft32.com/get/file/id/.../

http://high.software.dn.naver.com/f4b6ad4977ab8009690176bd4ebbf8c8/.../CyberLink_PowerDirector_13.exe

http://www.kqzyfj.com/click-2075874-10795535-1427101035000?url=http://update.cyberlink.com/ftpdload/Patch/PowerDirector/DL/.../CyberLink_PowerDirector_Downloader.exe

https://d1ob5g40gc5b6g.cloudfront.net/13/122622/.../CyberLink-PowerDirector-Downloader.exe

http://dnlimit2.simfile.uplusbox.co.kr/.../httpdown.cgi?orgfname=CyberLink_PowerDirector_Downloader.exe&filename=SS9WRVJDUnFULVdDSHVLMkw N3ZMQ2NzS0JPYUxPLmVIT0MuTD9ALUpTPSxMaGA4

http://esd.sd.nzs.com.br/programas/.../271-CyberLink_PowerDirector_Downloader.exe