dude-install-4.0beta3.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.techspot.com and multiple other hosts.
MD5:
2b89d6b703b02f57cb555c6912977150

SHA-1:
d936b1d2ca7c537f9f65fef619ca147b0e3cb525

SHA-256:
bdd9ceb0ebe79be9b088fbea6fc37d2621f78922dcf943db41fa6f6a271587b4

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/28/2024 5:23:05 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.CDB
1.3.0.4613

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.131216

File size:
3.7 MB (3,865,768 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\dude-install-4.0beta3.exe

File PE Metadata
Compilation timestamp:
1/5/2010 6:09:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
98304:hsHhHruWWOhjSY47kUkQaGTPv0WaEme4kof+f:qNruPGPUkQaGTPcQQf6

Entry address:
0x4044

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, E8, 97, 52, 00, 00, C7, 04, 24, 01, 80, 00, 00, E8, 43, 4F, 00, 00, 56, C7, 04, 24, 00, 00, 00, 00, E8, A6, 52, 00, 00, A3, 88, 5C, 42, 00, 53, C7, 04, 24, 08, 00, 00, 00, E8, 26, 32, 00, 00, A3, 38, 5D, 42, 00, 8D, 85, 84, FE, FF, FF, 51, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A4, B2, 40, 00, E8, D0, 51, 00, 00, 83, EC, 14, C7, 44, 24, 04, A5, B2, 40, 00, C7, 04, 24, 68, 5D...
 
[+]

Entropy:
7.9968  (probably packed)

Code size:
33 KB (33,792 bytes)

The file dude-install-4.0beta3.exe has been seen being distributed by the following 25 URLs.

http://www.techspot.com/downloads/downloadnow/.../?evp=a759254c4898b1a23ff12eccaec6e1c1&file=1

http://www.towerbitscenter.com/Ok1WKdwo9X7YH yMRAVaeZLw7b8kJ91 KKpqBZwZULF0qEeHSVNZJUTxVTnkUt9dMQ_BdR6qQassGiZqZwPdCHriPyKmXkTpv5NbzHZCqdPUdpiEnuOf 9YS4Z5KTb_fSr5w07WFqw2L76FqBTz5iR9TOk Fw6DS0tLisAsCd14 Jb9wj1fhNLqM6Fv_xr8Cv6Kisu_zD9j5x3ddjjPeTrzYOqRDyfgruTHfZNg74YefFFHuwURDmYd0X2RSOUG5WKApHDFDFIJy8Dhof14 kUh0kpFZ6TNe58EtSmpiWq2PknckXTFA2qQeRPwxBPjEv6zqHB4dYiezaaBYJzrCV8F1k0kibbaVJhDUNzDUwGZttg8Aow8a4faxx56HSw9vk7a2nMPVKGtsvOmq6doH_t5jGAutggzAF4ZeGLtVMHFJxBgUXKL_8k7IWE8S00RxweFvWIAKdhl KMbQoRG_pKvCn7WorDauUyi84uDbs cXkDMIIxKRZCBs5yKhufhCX5hfBkLyWyD_Vt_cKXrJJC2ebk1sZ1mCtcVga45utwKCTaaOQ=-G0MAAEQ3F5NT0BhdEBHh_HCPsfEXR5zhTMBxeJy7IqLCG9PoMdVnb3WoyZfUgBVGjmVQEaXgJw==-e

http://www.techspot.com/downloads/downloadnow/.../?evp=b9f9adf415e4f8d287a2e784ef512b54&file=1

http://www.techspot.com/downloads/downloadnow/.../?evp=3889f8d7852cdf54f3d5e54b3c4055ba&file=1

http://mikrotik.c4.hu/.../dude-install-4.0beta3.exe

http://www.towerbitscenter.com/z1bcahoozvRtYZo2a8bNbYeKtboJNDoRTnEUj6gKQ57hU9NBNs5eb w5n Fs_z5EvEXFH6Wfw9E17Q6YsuKRwtj6Wdisry28mBNdTaNZPIvzhB21K0ngID6k0JgjqytQxyeV 4x8 fBx0DbBrd66DSASSyZxM_OMViopmTSNQD08AEVdb_VqRS2gy_eo7jzlAjAc6fdt09TfGMzQ0ZU lqCXYLrUAg==-G0MAAEQ3F5NT0BhdEBHh_HCPsfEXR5zhTMBxeJy7IqLCG9PoMdVnb3WoyZfUgBVGjmVQEaXgJw==

http://www.techspot.com/downloads/downloadnow/.../?evp=86ab6f66c8bee549dc4c54bdcf231e2c&file=1

http://www.techspot.com/downloads/downloadnow/.../?evp=14e6df0de078bf2562800a0b994170be&file=1

http://www.techspot.com/downloads/downloadnow/.../?evp=6619262a543df7d9d72e70e6e51e4e78&file=1

http://fs2.download82.com/software/bbd8ff9dba17080c0c121804efbd61d5/.../dude-install-4.0beta3.exe

https://www.dropbox.com/pri/get/.../dude-install-4.0beta3.exe

http://download.m5zn.com/Download-Link/15421/.../

http://www.techspot.com/downloads/downloadnow/.../?evp=e1dbf38fc832a3d574868dc938cd42ce&file=1

https://mega.nz/temporary/.../ygNnmJyB

http://rosdl.minitw.com/.../dude-install-4.0beta3.exe

http://10.8.0.3/upload/.../ambb7zV5Oe-dude-install-4.0beta3 (1).exe

Scan dude-install-4.0beta3.exe - Powered by Reason Core Security