emule049c.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from filehippo.com and multiple other hosts.
MD5:
841514a4afc014899a09e1d7664019bd

SHA-1:
56dc005ad32b7b77a927d06a71d7268ff9d0fd90

SHA-256:
62ad74482ac967293c8cef4237072ab9dfd87f9a8959c35f4e422fc6f7760761

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 3:26:39 PM UTC  (today)

File size:
3.2 MB (3,342,809 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\emule049c.exe

File PE Metadata
Compilation timestamp:
7/12/2008 2:04:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:xKGInWG/Tndy9kEBCO/gQFFo8OZd4/2wYCpabXH+tWj8oitdhhs/d+ceJqLuA:x0nls9klO/RxuWab3+tWj8oitqUcwSd

Entry address:
0x30B4

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 58, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, 3F, 42, 00, E8, 23, 2B, 00, 00, A3, 64, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 28, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 4C, 91, 40, 00, 68, 60, 36, 42, 00, E8, DA, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, C8, 27, 00, 00...
 
[+]

Entropy:
7.9940

Packer / compiler:
Nullsoft install system v2.x

Code size:
22 KB (22,528 bytes)

The file emule049c.exe has been discovered within the following program.

eMule  by eMule-Team
eMule is a free peer-to-peer file sharing application for Microsoft Windows. eMule is coded in C++ using the Microsoft Foundation Classes.
www.emule.com
24% remove it
 
Powered by Should I Remove It?

The file emule049c.exe has been seen being distributed by the following 34 URLs.

http://filehippo.com/pl/download/file/.../

temp:eMule0.49c-Installer.exe

http://dl1.filehippo.com/.../eMule0.49c-Installer.exe

http://filehippo.com/it/download/file/.../

http://ftp-stahuj.centrum.cz/dl/c2bbc90556047e6f9020b391664ec43f/574ddde3/stahuj/download/software/secured/e/emule/049/.../eMule0.49c-Installer.exe

http://es.afterdawn.com/programas/general/.../emule?mirror_id=0&version_id=16158&software_id=514

http://i.download.idg.pl/fannef/f309916a2e637bc2517bf38d587a923c/56674e39//zx/vol2/w95/multimedia/mp3/wyszukiwarki/emule/.../eMule0.49c-Installer.exe

http://filehippo.com/es/download/file/.../

http://giadamartinez.eu/software/.../eMule0.49c.exe

http://freefr.dl.sourceforge.net/project/emule/eMule/.../eMule0.49c-Installer.exe

http://filehippo.com/fr/download/file/.../

http://filehippo.com/it/download/file/.../

http://filehippo.com/es/download/file/.../

http://ftp-stahuj.centrum.cz/dl/150a05a4428da225543c480f55ca5fcd/57c69f76/stahuj/download/software/secured/e/emule/049/.../eMule0.49c-Installer.exe

http://filehippo.com/pl/download/file/.../

http://ftp-stahuj.centrum.cz/dl/ef720d931e943e90262e2277f201b2a7/57bdc518/stahuj/download/software/secured/e/emule/049/.../eMule0.49c-Installer.exe

http://www.afterdawn.com/software/general/.../emule?mirror_id=0&version_id=16158&software_id=514

Latest 30 of 34 download URLs

Scan emule049c.exe - Powered by Reason Core Security