» fl studio_download.exe
Overview
Analysis
File Details
Downloads (2)

fl studio_download.exe

The application fl studio_download.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from 6e985d2cb4c9905ddebe2978537c50ef.lswcdn.net and multiple other hosts.

File name:

MD5:

f4cac9bdf6162bd717ab687bc0ae8a65

SHA-1:

77bc37983892aef28adf695af10e826f4ba450b5

SHA-256:

a13068810cb3e06b043557648c991f9f85de6696550311a4ddd4b53bdc7fe877

Scanner detections:

5 / 68

Status:

Potentially unwanted

Explanation:

May bundle various unwanted software without adequate user consent.

Analysis date:

1/14/2025 12:13:20 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Could be an adware MultiBundle

2015.0.4477

IKARUS anti.virus

AdWare.MultiBundle

t3scan.1.9.5.0

NANO AntiVirus

Riskware.Nsis.Dloader.dvvnkj

1.0.10.5081

Reason Heuristics

Adware.Bundler (M)

16.5.1.16

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.4

File size:

177.7 KB (181,935 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\fl studio_download.exe

File PE Metadata

Compilation timestamp:

8/29/2014 12:10:25 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:BdUHwwCBStcnQOmhfyBjq1ZnPssMrLzz6pRFtgagtHQ3kGYKVg/JYBqrjVAa:B6A84q1lPsFvv6BtgZHbGYXw3a

Entry address:

0x31E8

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, E0, 73, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, B8, 3C, 42, 00, E8, 23, 25, 00, 00, 53, 68, 60, 01, 00, 00, A3, C0, 3B, 42, 00, 8D, 44, 24, 38, 50, 53, 68, DB, 73, 40, 00, FF, 15, 58, 71, 40, 00, 68, D0, 73, 40, 00, 68, C0, 33, 42, 00, E8, 15, 24, 00, 00, FF, 15, AC, 70, 40, 00, 50, BF, 00, 90, 42, 00, 57, E8, 03, 24, 00, 00... 
[+]

Entropy:

7.6072

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file fl studio_download.exe has been seen being distributed by the following 2 URLs.

http://6e985d2cb4c9905ddebe2978537c50ef.lswcdn.net/FL Studio_download.exe

http://www.appladdin.com/.../download

Remove fl studio_download.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.