ducsetup_v4_1_1.exe

The program is a setup application that uses the Nullsoft Scriptable Install System installer. The file has been seen being downloaded from www.noip.com.
MD5:
d956698c3ee412668a9fb70243e00a09

SHA-1:
e9a4b820771fd0b19455c91ec4041e5582e78e9b

SHA-256:
cfd202bfb2a2eefed06e116788d532b7f7ed09b3816ee54325b07d74b26af422

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:48:08 PM UTC  (today)

File size:
304.1 KB (311,368 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Common path:
C:\users\{user}\downloads\ducsetup_v4_1_1.exe

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:ieb4ua8278NaN7byeiTqGSj+Uh7a6WP7+J1vAPz3IOFd58A:baoqblqqGSj7rWMtAPzbFnD

Entry address:
0x30FA

Entry point:
0F, C9, 81, FE, 18, 7F, 4D, 97, 72, 07, 32, DC, 0F, AF, EE, F6, DF, 20, D2, 81, FD, 20, A9, 00, 00, 76, 06, 8D, 05, 60, DF, DC, 7D, FE, CC, 8D, 0D, 70, FD, FE, 5B, 0F, AF, C1, 8D, 3A, F6, C0, 29, 0D, DC, CC, 80, 35, 8D, 2F, 8B, D8, 55, 48, 5A, 8B, C6, 09, FF, 52, 03, EA, 5E, 86, F5, 0F, BF, F2, 51, 68, EA, 05, D0, 00, 8D, 05, A7, A9, 3C, FE, 89, C2, 0F, BF, CA, 8D, 15, 63, F6, 1B, C1, BE, 42, 0B, 00, 00, 01, CD, 81, F6, DB, 05, 00, 00, 1A, E9, 81, EE, 3D, F7, FF, FF, 81, EE, C4, 08, 00, 00, 84, D9, 0F, B7...
 
[+]

Entropy:
7.8846  (probably packed)

Code size:
23.5 KB (24,064 bytes)

The file ducsetup_v4_1_1.exe has been seen being distributed by the following URL.

Scan ducsetup_v4_1_1.exe - Powered by Reason Core Security