faceoffmax-3.7.9.2.setup.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from download2.faceoffmax.com and multiple other hosts.
MD5:
6ad7a828581019e3a077b16f49a04416

SHA-1:
d64d74150ace33bad1624a3941c0c78603c1c06d

SHA-256:
7a4754c55d0929a2fd1d4c942917ff6cf961c1a24ea2f591c32020b3399bf147

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 6:05:54 PM UTC  (today)

File size:
22 MB (23,094,713 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\faceoffmax-3.7.9.2.setup.exe

File PE Metadata
Compilation timestamp:
6/7/2009 12:41:54 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:mHaQcL+Ww21EpsXkKA1FpeB7UNpkQ8+qQUXoWGuhajU2XfKsmkVVwaHbctFiKYuc:CVcPw8A1mmnu3X9GuQU2PKsNV+0sI0S9

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.9999

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file faceoffmax-3.7.9.2.setup.exe has been seen being distributed by the following 12 URLs.

http://download2.faceoffmax.com/.../FaceOffMax-3.5.9.2.Setup.exe

http://dw.uptodown.com/dwn/CFvLeo-VMk2Q15aszhe2zDjML0bHl88BN3kY_1r6QqqmF34X1g54fo_jiiyzGDE1AA72-I-eEVwSPn5VQudo40_UK86CElh8z4Pa_VdZ0ZS_ChBM4Av0fW9th4pFXYMc/N50gIZqSS7Tki6IkEHQm8kOOR5BsssBZBg5ctTlmcJ8oRSKQPu9bVrwPgc6FmeQMMNHW_-eE8iZMoEipHFtYt8AA8NKkfbPAx5_X1OmFZ6Zwd77QHPMBtoFGnDXlBXUr/.../

https://dw.uptodown.com/dwn/uDzdNI_aY_xUnJ8CHWKHn25QBl826C9zlEGLnfAm8syEDvrDn1Zt_UIRp-oyksCC3pmj6HLoPXdr8NoD7x-1boyKzI0xWHTWbHvEu1o6GUKGG0pelcQ2uCqJmCURMJei/k_M5fECwA47Wjx_Gs_R8jFFMI4sqeuqi4W5K6kxQjbzz67GuhsuDzNSELZ8p2UnlLJNyVxjyGjUDLY4P8PIp5z69YT2KYAtxc4YuZr7NKAr9vQDobsiQwV-Uxu4CbtL7/XFtc9EJmZxavBY4qm4NhRXZulZFkvWXD3aj0W6fvLCOdF5Du9cSdHbm1d2l9khthSUXSE2Twt0r7jX8OwDlHCKreDntC4sQnoHNoQeMSNWqDaIJxMQHEqx2McMWK6OoG/.../

https://dw.uptodown.com/dwn/fe5sxe7xmV1tuPJS5jCOlTaPXTZ7-sA4n-w_Rj92z9UxVQT3ds0Rv6qNG4ND48TWQViJo2XbY-1cGKd2nLen5R3nY_29I-YOL18DOpXg2G-gw_wCekRAZZOGiC115voD/4VeYvRtVAFR6wbwxuCjAUz9uJEybumxwzKTOUOrO7B-KuakRF107__QyvRa7TXtvqmkGHgiIwoFtodKB2q-tvT1llRQnM7s0St8oV2N72JGTD4xe56k9yaGPFreKKTjA/K4VxBzNIIkHOdG7s6OPityUn6vTDprH3bLAFcRN7blKnp-TmJvwvhf3qCb9z8Ap7CGSeSWzmfWeqBG2jg1HDzLqllms9BDxh5rrw7c5sWvY37Z3AnglVlrv9QNGDg1kD/.../

http://download2.faceoffmax.com/.../FaceOffMax-3.7.5.6.Setup.exe

https://dw.uptodown.com/dwn/ynhDVcqaX1_cY0JRYYBS1-m04sydZrsb6Nm-1EmnFYUEGmqnldxX1Yc4xF8aEKpZz0PnrW-TjUb2syJX9Ud79uX0DEqFJia1_gW7NVaV4uYFc6rmkNeHWX7uldXB3pjy/N3RaMwYf2CG4LPO5Igip24VCpd-WobrfxvwZ7Wi9_k43UbmuDh_R86IyTOL_YF94qdeCSzT3uhGPNi8WDbtv1v-vNxPVu5RMpVsH8YS2C5APDGKocmTWNZD_VeQ0dzCe/eb2LZiLb8FPRPpfhssPLO67PKRKw0DtIHtQ9uN8FiuB5MpCXzKBJnhOiUY_75xdUZh6Me7dzqp4mr0jlKasoLZfUQT8zKw2xXR3jIOhPkMMhmiFB5tDuDcb4N-osJYsW/.../

https://dw.uptodown.com/dwn/aUsG48MhSM1HO0_HVwPjqPVFOZnmdMtDd8fvsue_kOcbM37Hfx_5KIpu7tjB0KSV1pLU328tYdIPQVECpfLwbyb3nqw2uq_pZtg-QsMY5wRC_EXwKRTLfqnIvww7Xjlh/SqwB2PHllLCy6CtMm17tneQQ45qvzzFjKFM3jhlTjhB7FOepwsMj3LMN3Ben8GAlNlDwa8KhEkK6U_4gwBlvm8WCR68WeeJ-QYcXpET56eG4WjFl3OAvGgOkMNoWLoTz/.../

http://download2.faceoffmax.com/.../FaceOffMax-3.6.0.8.Setup.exe

https://dw.uptodown.com/dwn/uWHgpRuQHNQE2qLoI6WRERJzpyMHiQ-_zIfkMBu9tPx_xO7mp_vX5qnLM7WERZHRzlYKu4bHGwSYEWMMJXXbi5Tal-oizDAaUq8c7JopwH1y0ON9q83ryMrVroKR3IPT/cjM-hFlOZ43HPM0gA6eFja7s8siVH3dB1akW1sUOCdhDMONnmz6VoNFwHBOgYHVRm8zixfCpEctu-ygbgscgqssPrnEFin-WEZ_KQ9tQb2ZGIJ1SrfAM-1CvTHmJb67w/JuQRgaradvXZsaInLgTDghjXn2UNlv8RaOVcl_7AF9XoHz_JRYb1I1bFz8BwwZfv-FsWKf8u6y4EXXDqjEmQe4wngGjgXtow9iZGvTBfB9Nv343aybrqogs4u650S8Z2/.../

http://download2.faceoffmax.com/.../FaceOffMax-3.6.5.8.Setup.exe

http://download2.faceoffmax.com/.../FaceOffMax-3.7.7.8.Setup.exe

Scan faceoffmax-3.7.9.2.setup.exe - Powered by Reason Core Security