dontlinkthefile_3danalyzer-v236.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from mega.nz and multiple other hosts.
MD5:
520f864e45f297d8546367d7d733fef8

SHA-1:
8d4652fc1b650b6c9833fbff67982b737c82ff01

SHA-256:
eedfb2648b10b943c2c08c64216f8ddf122507c52e068a654dcfb2ba92b3bd51

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/16/2024 2:56:54 AM UTC  (today)

Scan engine
Detection
Engine version

Norman
Obfuscated_M.LF
11.20131223

File size:
879.8 KB (900,944 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\dontlinkthefile_3danalyzer-v236.exe

File PE Metadata
Compilation timestamp:
11/2/2004 12:56:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
24576:+cDibyw3TH13Kcqm4iCUDHsOKrRnnz0kn:9ibpjV/RfDHzKdnz0kn

Entry address:
0x21BE0

Entry point:
60, BE, 00, 70, 41, 00, 8D, BE, 00, A0, FE, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Packer / compiler:
UPX 2.90LZMA]

Code size:
44 KB (45,056 bytes)

The file dontlinkthefile_3danalyzer-v236.exe has been discovered within the following programs.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
Rocket League  by Psyonix
www.rocketleaguegame.com
About 4% of users remove it
 
Powered by Should I Remove It?

The file dontlinkthefile_3danalyzer-v236.exe has been seen being distributed by the following 39 URLs.

https://mega.nz/temporary/.../KEhkSCIK

http://www.ranchsendgift.com/YJwHT21IfQGZH2sfx0naFKCD_WhC4Qmt9sUz4QHSWRIy lyqcRepc4s4h0RPJnne5x6OmVB9_HOVMLAGxNMXEspOF4lymXpGEcyWIQsmcJrOZ5b6V7oE608h0YY1JXn eyY_aZQU9VGhfFGFzWRyP9jXzswBpZI7fePkyp99IBJvQCFW2_pbaDnAsHNXraRNioY4qtAii lBb7u28lpoMzY59Xkozw==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.towerbitscenter.com/BwLaLps9luDxv0Osq8bQuZWMjNeqJZWQNoQzvkJQc1QWHyJHTrYAJbniC56Ix80HBJZgljpXEMVlFXU6DHQ7631QpZ49enb7SJQzu8r 32C9hi3pDHu1vpKGjS1m374x3iFtYn7bak4VdQEqKQczOtN05 YTxur67W1CGgRv91wlVNKJuNGy2l1WM8bwh2R0B5TlSWyO9knP_4YvwuE1gcuFuFFW0Q==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/BdEJ92609T_0lCzjxGEDaWRb6WJ8tDlih6k16tYkRr8UEbc 0CgUuAcWPzujJkjUcvlZplSnVrv1krgbzlGE1KmbgyLmMiBbLQTzybuCOIAxTFdfc_OmbBj7Ex0YL7JDgnS_4CHwnVsjUNZaLvdY06Rr83E8Ea _hDrnZcFRZ3AtZ64mCRyOc_Ndev4U8ch7MypZoa6hjIO5hU0OMhqIzn9vy80cA==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://download2196.mediafire.com/kcg3qjfcmmzg/.../3danalyzer-v236.exe

http://www.ranchsendgift.com/LyriEITJP MmKLRZkaleRCAo6NS_gEThFiQW61bsn4N8RNymoz nPDXIJeQ0DNw endYL_hHU8e2OR9PWp5aLz_l7I W6sYm8puQiQmtVl4BzeOsvn0PJ1Hd qvWlaQPn9v0XEN8Rbi315YENG55Pn5u9xSy6QbiSf7OlyxR0jcirxZlCdHsPLpViH1oD rpZjL2vwrMiplK8oPKhHzTBAi2N_Qghw==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/E8_lzaaBA3cpiyn4GMM3uSJneYVlJE0qmbKRY 2hUIXjRlAmMkDK5BRc5TJjcIDXQz7ZeMrLGB5 SElldb6dDpk7TdJQFPNdFsN1mjkl5GmpPeXrjw45OQflqh59gCc2fMbTxJJSokU8ryUZEUn8myIS1KwLJusXEL9RsqJeJt1hHPp3ZL_FU4vaq6HrvNvYvorwD79_efbZLIDqIRCPDVWL4YMd0Z1ldpbLv4af58aGwUcrUE0Gw_0z Nl7tIrVpK O_0VwdefnzO1Fw6 _XsVnbEALnTZT05qG6lKpBpJfUI4zm7FpfcF2uuYkl9EKIBIx58PGP5tz9XqBZsOlkysAg2hsDyJ6H9AZZmpXWJby9iLVwbscpbYspNZRKzz0q2Wl8ZLO1_w7tUZyFxhC4K7FCVs7uKDa8duAynClR2KHEfOFvoABYLcAhkkwfA909FkQqVCIi4X_tRpjfvL1zFAp05UNT0fldUyb9eeFsvbTH1OjGhlAuNgMgR_At8fSo6PxCkPTmcoVIfMxnu 0sOMUbUybr N1q9UitYgyWsNusfwsVAXwtK1tX6vwwW7sBonA0_zoQhkS1fpUMRk3vQphIJSqmSmqJKTDEbfNgLdqoLOSfDk=-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==-e

http://www53.zippyshare.com/d/2lMVOStQ/.../dontlinkthefile_3danalyzer-v236.exe

http://xtreview.com/.../3danalyzer-v236.exe

temp:dontlinkthefile_3danalyzer-v236.exe

http://www.ranchsendgift.com/XYbOlev sMAfF5JZWHH9_iVn_MNU 4cCrLvpq7pLmoseRDQyDmYISMSMla0ABjfim8KhNZMX7YYDFhXRsLHafiEo5mYH5aX351MVU_VYXu6gLZtZ4NVnpb2TcxE d6i3tYcDuA4LLkL7FvP3GD5WYqIs2T9EunO9bXxu1jZcug6 7Kd_ kxdESeUqAGv0UQyt2U0vudrtAKDMNWy4QT Y6Bh0MvaTA==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/vpBEw0LaI59xrV295nTXXuF6I_x8cJkre2vwA_7zpIv8TqZFywkqZPEny_PgonFdObOwVGqXUWreSyDpsWxUtDtqpwHWvFEueKhaKmJPwyJeWA8FhtMG4T4cZP1zaECik0NHk5cnveSje39Vjmd2WnQ9QsoUR LLbI7es2N7htrNXB vCZ24vApG5qIsA7zEffyOa1POiPT9Om2dirLk0kv d5wj9HS6DQBSVl83WZcL2j9_meRSwJKOOxmfyJcMDeN3wner_Q4zcY2SMXLePJAo2cngRUC3Acljr_xEHNPbfB3MvXAiQT65fihlPCSqTRk lxLGC2 nlRKIFpHwJuZFTAFWQVyTVUmWaJFjDWesynY3sx_vZW7lBp8kr7Z4hxHyeQLd4DKFpfmWw9HGYUB_RRqJfP7YQNP_ SiJHbINTpHE8JoiqGwLbjjD5NU0XEcHlYOkkvb8edRJglZbbKHqXZRHFmeAizDzgQy fkvNy6e6_fEY38Z_CAyKpMbpNJsa8qKBSTVKRxLF7NanVygaY BmxUgi6f6OuwGJW6y2tTBvzwrujvmA52HxUu7IO9C5aql_pal3GD2L6G_wWEx818f0xS06vbk 3SlXQH LHUEOYiM=-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==-e

http://www53.zippyshare.com/d/2lMVOStQ/.../dontlinkthefile_3danalyzer-v236.exe

http://www.ranchsendgift.com/JXhADatG1lwG8BfYmzFto2AfXQuL3IF89yANEXOGwfuDH0LG89yrB9Xm9siGaGGVvrFQ amw4xZhe66UExe8Tdrht7B03XWIFSuGD FPBVdVjSaJRL1vVORszNHiujFAtMNLuz2lZWDpbv_QTASRaNPlYA1cgHpx B18cyFsL13OX _sFu2cCujK3tY54n yJbgdD_WImjrmOL15fJlifby2Bl2Obw==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/gGEjCW7s8YQvlx5m_SoWIB3VpUNmhz6BweARTewixanSjI0RnC155SY_77wpPj5ekph6ksS9v9CgSg_6ReaF5qfsnb1ctXBsHKzBInjy5FILJgaKdXFxrpTZdcpDAOYcZXglvbs9CjHwAXw ilUHX_E9eSbg5iLBUykNlYPVbZFM8wjmNsHWCwoqlAKktppgpxm7FLqDEETUD2gJNzL4vJ7sw9U XQ==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.towerbitscenter.com/gGDCce1PzgsFRi29HpVuuyHT8_jZt62UDuqfFAYWvZzydQYJLyhjRqJm2DtNzAZUeaR4TKe_8woYzyEWBSuyQ Mfa4jnpfB2J8MM QsL2aJz47x8AUCksaTdr3YQ7zefcAW_a0VRd5OqsQWUiwfymBmSqdkRA9AzY4owOLCuHUJIEK9ozGwEw7fDQ2jIXZ644WEV7ygHSfuLcj3dDPOH7jyGZr849A==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www53.zippyshare.com/d/2lMVOStQ/.../dontlinkthefile_3danalyzer-v236.exe

http://adf.ly/Y=W=NQoZd4HVRmwLO2iM8jvMd231di3cLlnpRXvebsWF1m0bahSR12zMefXVNG0bZpWZ1WzZLomRR3laLu2l1Ghba0W542tbRkG9Fy0UZMW9l0lTbUi9

http://www.ranchsendgift.com/JHKlD0dKtc3xLLCpL3U4hniJ W7OvrnY1gS4btVG7jVt1sdStZmdeDIsTLrwp_P6_ZxJv1y9TxMRso8LKU9THdRVAA_QPzKmuUSkZn4ImgNKLWdjh7mCj_Jk5kCvzxNlVNLoCNg5OiIeeIyPdwuqeOS_ nEXoWDEncNdEvdC6ylM1foDG6sbJUhA8d7GRVztnojdQOrnxdMb2u5gBma2xZKYN4P4XA==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www53.zippyshare.com/d/2lMVOStQ/.../dontlinkthefile_3danalyzer-v236.exe

http://www.ranchsendgift.com/l1FHquQm X1VVTW8oFQgMtz 3FFDmPCcGHnv5wvBPVj_6J3QUJyRuytd_ek2Qg53QfxZI6kNElm9g8YsnT9r7bZl5lUwNJZ DdrBTpaO7Eovo1NaNmwgnJjntaNRRrasIUDXdAf9hBrESfoqhre ob7 qwPyBpjOYk 8H v6A0rGhM7NTNNvZsKo9SfctRtlO5OWVgLUqoJSoEguIi2Htdm1iGnfkw==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/1pzsFqTC2Pq5W72H6lUhFbhR TVOKlsr1l19kMYJ6NxI6Byt9Zp2fgr_xzsCbJ0bCSVzvfqXx4JBvL95Urz0kp1f3EAmPvZ0woX259q6EOBYGlUFOvCymc6rSSGFa ykYY5Vu_DRvzSsCoH1Izg kgaQ0ON47kn6kTZDgLSUmVEWqWMZxGqcWUmAF4oyhbK7uj5bVJOFWuSFL1borqC5AmXiTAoSEw==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www53.zippyshare.com/d/2lMVOStQ/.../dontlinkthefile_3danalyzer-v236.exe

http://www.ranchsendgift.com/i Ffuvj2UiMIgIsArtJTlcPsxqit55NOYUV3vWcr_2WNHCUGETne3d1nt7O4n95f8UPqvs9ThYQMr3XO5HUp9Syxx_ksOsUPyRWvLiPvqPB6TFD8T5frGiHzV2kQtTuwqewEkIqYwF44N473SIUwNebr7ARuuPJbKAdB7gPSf_MVK7wn_fAz hBGLWf Z60M9k8nxxGqGr9HP6xEUdfG6hn9XIE2dA==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/T_H asSHaBKlmWfbLXSqhQTDc_AqrnA2 HoPNCvYbW9hVBZd9IPZjqHvphxQjMzWT8Rbxq6Dnqtkkad3vHilQpdTYCj7FRLlYUvz0vzLN60yTHMnUaYLB2giqOl4aYxVrQCdXgHHyWj6IWeicCK9U352_yszOOwcht4TMde0CQddo3HEGAlgC_3m reQI QS7dQc98O7XphxkPnFQ1LneZC3z ahOQ==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/32KmFajKO UELlpZW1fpCyPYUbV0hGs41pb5h7HmK0VH50QhuHQt7__vHlv8ouw9ixwv2oLqCjd4A4BeXsMHdUPvuqv4m9XgJErOSqxHiOCqBf3kNrpOmGTswnMxGXXD FuBIQAhAwvMPZYB6lF5sQtn_CIC16eM6svjxpEUV05K2huxoveUBrzEXw9hseqAgTBorMO OwvNgUzSVxczEfQZ1MJHCQ==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://www.ranchsendgift.com/35HaD6UWhAgSpvBhyNvDkHwUZDlDG1mPv70_dvj WYMYAP_X8LFdZ52b0YR0UUMwtGPs2LhOub mHWkEhoQBuB8PX3aWTqZmuPuCLg5pfZKZI149xNG3eKF5g3_6SuBv lt9CaXdcuyeQF0gUSxkxNxw_a17acIKUhcCCTbVbD5j41Tk1cN_sUdBhgMXtlpVpITHu9UWxlQKHWc 21p55C0UWnhkpw==-G1IAAGRwXkwHQ3oEu0ec4JAD9m8XTiQAijSYyAllQfbt1hj57ZUQngTw4cITRGIjMqg2DwiQ0dx19RSdSnpOJPMYrCCyZOdN1fkDG9xpVobgBQ==

http://dc717.4shared.com/download/.../dontlinkthefile_3danalyzer-v23.exe

Latest 30 of 39 download URLs

Scan dontlinkthefile_3danalyzer-v236.exe - Powered by Reason Core Security