cyberlink_powerdvd15_downloader.exe

CLDownloader

CyberLink Corp.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.applicationconecptclean.com and multiple other hosts.
Publisher:
CyberLink  (signed by CyberLink Corp.)

Product:
CLDownloader

Description:
CyberLink Downloader

Version:
2.9.1.6109

MD5:
4b119cb1ff88edef2bb4d962aebff81c

SHA-1:
6fce169a0a354beec250dd936a71b2400459e58d

SHA-256:
f3003a7a1adaf5f623004141cf3cba029727d2cc57a05eae160d32ce150c15e6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 8:24:26 AM UTC  (today)

File size:
1.2 MB (1,209,192 bytes)

Product version:
2.9.1.6109

Copyright:
Copyright (C) CyberLink Corporation. All rights reserved

Original file name:
CLDownloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\cyberlink_powerdvd15_downloader.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/16/2012 1:00:00 AM

Valid to:
4/13/2015 1:59:59 AM

Subject:
CN=CyberLink Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CyberLink Corp., L=New Taipei City, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
799AC3976095546D05DE5395166BFF83

File PE Metadata
Compilation timestamp:
1/9/2015 10:29:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:8aSB9F2NqBbKDwhjWxQMLyOqe3brZ1BjlOx6rjKEYLQeaW6:8/F2NuRtORrrZAqjKtq9

Entry address:
0x7C347

Entry point:
E8, 0B, B0, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 10, 75, 20, E8, F4, 2B, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 16, E6, FF, FF, 83, C4, 14, 83, C8, FF, E9, A1, 00, 00, 00, 8B, 45, 0C, 3B, C3, 56, 8B, 75, 08, 74, 21, 3B, F3, 75, 1D, E8, C5, 2B, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, E7, E5, FF, FF, 83, C4, 14, 83, C8, FF, EB, 74, 3D, FF, FF, FF, 3F, C7, 45, EC, 42, 00, 00, 00, 89, 75, E8, 89, 75, E0, 76, 09, C7, 45, E4, FF, FF, FF, 7F, EB...
 
[+]

Code size:
588 KB (602,112 bytes)

The file cyberlink_powerdvd15_downloader.exe has been seen being distributed by the following 29 URLs.

http://www.applicationconecptclean.com/w_kcZy_BkICLqURoJHxm7CZYWxY_5Jo DSZoLMvLAg8gEmtQRLglECrUr3tZf5kZ470OpsKt6dsm6IB3WT3XZPqT2twBET1Sekzip9kMCBZYGBsKHLDyDa8NXZVidmV4y_wKYvEDSJxqukhND4kFiHE2sp3OD RB4PwBWaxAvLJEn3r75kkVitkisXKHuLS8Gvd3889XlDesz7fVwP8vjHklB4EK5w==-G1QAAGRwXkyTWhQvgEMOnC50sdwSawsmcom25H7WuG0Jurg0O28FaMsZtZyIcM05Z0YpFE_EkOE1hjBANBaaU B_F49Rlw5cGZ4A4xcB

http://www.vaultsfarmhosting.com/c?x=b/AWhq8WWh6N/xE36ogPxhs6zFcXD93vgDLpwJZwi9g=&c=eiTGUcORjtKXk1sJb o02w8jHLuxNJ5kf3HLHCnklPhv25GP5b8gvKK2gxjd/m 5ytSxnyiZf68WLkOYlQgdLtTfDAwqAjZ36nPvSIuRrC4hY5/DxoJqqcOF7w ebIHFcklwWJ9jIxf8VIS6peHocJ2gvhi6eY5irBn/phQFwmw=&e=0&downloadAs=cyberlink-powerdvd-15.exe&fallback_url=http://pf.benjaminstrahs.com/s/1468131947/es/3/.../39913-1805842-cyberlink-powerdvd.exe

https://download.heise.de/software/ec8309296601f169a2fd7fd94c5df92e/56db5735/.../cyberlink_powerdvd_downloader.exe

http://www.downloadpresentcity.com/jHzAjPLSY7C_PHMhlAjEgSvnKiVP J53Vz1gdlluw_knKE A9vPeOdE7MlGHbH_CCOBHVr0skceNFLxBLG5pCtRhOTD19FNoPi9eDqXn7WmvtjZQ9c7QIZKmLsgTIFwaDlT3kPmO6PqPs3p8KAtOKa5EiaJll6Y99N0uCrHKD6voduWIGrAHY0RZeeVbLqADeR4eTaKK-GwUDAGTKTaosOCHg94prwjaMiAWYyAF7Wwwxn8TeGweerDHyswjMLT3GvC_O5Oh3vHfCi5Op2saJZ17GLbUwLvrcBK8iakEIBHnYiD2TSPSBCau8e9NWgpVRBIQVMNYORRuJmzCBA0EOp0wG0OeFKLkXu2wXlrmmIHCUe1SecQoBw2cRtu8IY3iWVsrWPqiF6eUk5qkKgYRYZtX3mz0kcgphUWuQcuuiINckik7AgEWWaQSh855yACtYtRFpOU9fBwQgTsswzcVzJJ4YlYgsZqFcKk3N0EjoLi9ZyC95z6Otxeq7FfPJ0cM5SW5ZQij5tvJ5KuTOashcr7N4dMDkV6ENitA4XnB05Prtgaz cj6svOyZsnLnywG F7Laq ie73jvOKnIwZ8jQrWgdaBxLe2unWUONpchm3TMncZsqLTL9Rka6dsElKL5IObU7mP_wd9eSs0ZVFUas8YBVrgvCKkE2Rl087NLyfQoJJTT UciUI9YgWUo8GLfGvFECGc5qd3ANCJbiUn7eUFETl9VlLOfEvxxxp1IpZBo1pLnVtC8n8rtVDTs9Eop8XLXD7d4ie8wGYEfD8fyKRdnOQtI0rOiKxSGDtmaY3Mj7fbnXDnc7p_eXhBfJgUkY4fECfd9j EgYyD9qfXe8_GcuXnccLs0PfTLmpxByzPhrFSQdghb7MWVDLB1cqD756f0chhGcq9P9_XftXNWgmGNHA5v eUl1zZk04DgMvk JFg91gq2EEpMjA3s4KtkAnJh

http://www.ranchsendgift.com/pUH4gpCJRjQ4Qa2hnChWNot65Ntqb1Td3rPFL9UPb fmNcz1lN4p5yikx_za5NtTs Oygt42BNpKwuhby3pzFck0Rvs2MQTRiA9MrBz5UGLw6_aDe4Gg hFjvTIkYt3FT4Cd2u5AXSR3ZHRnPK8xoFR6maMbLjUyU5G8yRj07Nf46YhMEQzTs43eyrzRYmXPaByJxeDyzpcZZcjAcndC_CgfqLgQtw==-G1wAAMRv548Td4q0u9EkWYXeIDLI8L9jHLDf6wbXADTYHmPniMLwaY0JDz3 jrvnWZk64bW56ZjbJ0VIIuVkHFs2itlTUMCDK821q8DV AA=

http://www.ranchsendgift.com/C54UPhZo7WoU9nyOYBPGyml2 PyAXhJWjNnI1k YTYfz0pNt0LC1tJncmNxciKOK 3R5jNOs22Y6Qe8HBmXkisBM96zkSABbjKtHYl0YxIoDg PUv9E20fVmwMBAml7zAXbjoiNg5ocEoX5 IhgsuykxhdSO63dSge9jr4iSt0DGgH03uM_no5XlFaSnLJe8zvybDyXhmmgnEstRnFGdTqnNq_z8qA==-G1wAAMRv548Td4q0u9EkWYXeIDLI8L9jHLDf6wbXADTYHmPniMLwaY0JDz3 jrvnWZk64bW56ZjbJ0VIIuVkHFs2itlTUMCDK821q8DV AA=

http://www.ranchsendgift.com/utxK7U5V_Kh6kZ3Nkoq90Xw nlkTJmEWqRqpyIASNmSKZV52aPbUCamMg TgYfsJPIMESP9ilD5 KjUucBVATqKWA3vHAr4k9z_4 ETTH7Qe583K6rGDW sSqznmPOmYYi2ahXde2M_DSp2h iXIO8TqBfRcXG4L22 yErjuEquHLYfmanI2Xj3 luGknKFi6e8GANxo2Oz0WpNgVFW90NU_7wYA5g==-G1wAAMRv548Td4q0u9EkWYXeIDLI8L9jHLDf6wbXADTYHmPniMLwaY0JDz3 jrvnWZk64bW56ZjbJ0VIIuVkHFs2itlTUMCDK821q8DV AA=

http://lnkr.us/get?key=b11e8793cade0a4fedc9f17323b20200&ref=http://www.baixaki.com.br/site/dwnld32152.htm&uid=z-2467-81754792&out=http://update.cyberlink.com/Retail/PowerDVD/DL/.../CyberLink_PowerDVD_Downloader.exe

http://www.softsalad.ru/.../711b64d3153a7ef7b2047d83489d8abe

temp:cyberlink-powerdvd.exe

&onid=13632&oid=3001-13632_4-10352449&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=video/players&topicbrcrm=&pid=14455721&mfgid=83867&merid=83867&ctype=dm&cval=NONE&devicetype=desktop&pguid=291edbb9d6a0c8b5d21ff164&viewguid=cB5wRqXhqvP-smDWzbKjG3qRN4L7AdxuKj7b&destUrl=http://files.downloadnow.com/s/software/14/45/57/.../CyberLink_PowerDVD_Downloader.exe

temp:CyberLink_PowerDVD_Downloader.exe