dl-sparktrust pc cleaner plus downloader_2a417cd5-8ec4-46e1-bfa6-e4e174e74cbd_.exe

SparkTrust Systems

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from RevenueWire's affiliate distribution platform spark.sparktrust.revenuewire.net and multiple other hosts.
Publisher:
SparkTrust  (signed by SparkTrust Systems)

Description:
SparkTrust PC Cleaner Plus Installer

Version:
3.2.20.0

MD5:
5b7fa2ee7e11b9f7d136d25f420b0732

SHA-1:
c24df1c5b8035140f5a2fdd101e02458dd68b89f

SHA-256:
5a7d563225333e6fb0b741a33b2858b18225db430d22e6ba4983fbef5abbf52a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 1:38:34 PM UTC  (today)

File size:
10.6 MB (11,137,520 bytes)

Copyright:
Copyright © 2016 SparkTrust

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\dl-sparktrust pc cleaner plus downloader_2a417cd5-8ec4-46e1-bfa6-e4e174e74cbd_.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
3/28/2016 8:00:00 PM

Valid to:
4/3/2017 8:00:00 AM

Subject:
CN=SparkTrust Systems, O=SparkTrust Systems, L=Victoria, S=British Columbia, C=CA, PostalCode=V8R 1J6, STREET=1839-A Fort St., SERIALNUMBER=FM0535136, OID.1.3.6.1.4.1.311.60.2.1.2=British Columbia, OID.1.3.6.1.4.1.311.60.2.1.3=CA, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
066781E7E45D8F4E89554653E7588DC8

File PE Metadata
Compilation timestamp:
2/24/2012 2:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:CjxPhl2f8GMQI87THVpHs7zu3li/RlnGMG3DBK2YixG52Ff9h/5HcUnTxuo5MuHL:850XMQIk3MuFPYirDcEquwS4Pja

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Entropy:
7.9994

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file dl-sparktrust pc cleaner plus downloader_2a417cd5-8ec4-46e1-bfa6-e4e174e74cbd_.exe has been seen being distributed by the following 50 URLs.

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=D92BFCF4-A69A-4010-9B58-65F938FB096C

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=47611B6C-4261-4452-9E77-1B430FD0B5E5

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=625B8049-DF57-4AA6-B3C2-189F72BCA883

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=E97F629B-25D6-4890-B922-FFFE9EB69E4A

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=4392868D-EA5B-497C-9552-8C2B5931460E

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=FA6F0265-0BF8-4D9F-9CCA-710E73CC03C1

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=91D031B2-B230-4154-B371-B22CC89789CF

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=A25A732D-FF9B-4512-B859-E18B6918FCFC

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=281551AB-5FE7-49A7-A907-DAD2CF1CC376

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=1253D2D8-AB49-489A-AAC2-17A375BB1424

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=A4456980-E510-4D63-869A-AB99C674F892

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=ECCFDDDD-4ED5-46E4-8EAC-2C296BE6B44E

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=8ED0864A-2220-4A6C-8F22-63D92F7C5D4A

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=E90AF895-D6EA-4BA6-A502-37B3D8EFB6EA

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=1E937DB6-AA9F-45B7-BF8C-14123BB18E26

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=3C6C2C57-94AC-487B-A9F8-E5544767E6DF

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=E1E88044-1167-4151-BADA-9732485B0DBC

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=BDCDBAA9-7054-495C-8460-C66B6271D40E

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=83F9838E-A8C5-4BCD-B8C7-A48B57ADC2BA

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=31B23D28-96A4-4491-90A5-14F848D7DF83

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=093705D8-228F-4DBF-816D-F23013401D3A

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=148A0BCD-E6E0-4161-9C3D-59CEBACA039E

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=87166D22-2EC7-461A-8601-356C2CC302E9

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=8A82E8E2-844B-42E3-815A-3F25312A520F

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=CF98C8BC-F50A-4237-B112-3A10DE5A3FEF

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=E1E5D3B8-2125-4815-B342-F9788D36A585

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=50FF898C-8EC1-45F3-BDAB-0848CD0BE775

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=65E6B2FE-089D-4D43-A867-E75433743142

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=53D42829-DD73-4DD8-BA3C-3CA9E5AC5DE1

http://spark.sparktrust.revenuewire.net/.../download?rwp_tguid=21181D03-FA7B-477B-81A1-2DDE672DC36B

Latest 30 of 118 download URLs