flashget3.5.0.1128tw.exe

快車(FlashGet)3.5

Trend Media Corporation Limited

This is a setup program which is used to install the application. The file has been seen being downloaded from 61.219.11.16 and multiple other hosts.
Publisher:
Trend Media Corporation Limited.  (signed by Trend Media Corporation Limited)

Product:
快車(FlashGet)3.5

Description:
快車(FlashGet)3.5 安裝程式

Version:
3.5.0.1128

MD5:
6fbaca5b43badb5ec179682a9ee42033

SHA-1:
f9fa0efbaed988503655bc947dc40aefad381a4f

SHA-256:
5c7f6430e7240bd2f29300449b603cba94659aec3d4a548887507cbe4780f4f5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 8:10:39 PM UTC  (today)

File size:
6.5 MB (6,799,912 bytes)

Copyright:
Copyright 2000-2009 Trend Media Corporation Limited.

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/29/2009 8:00:00 AM

Valid to:
6/30/2011 7:59:59 AM

Subject:
CN=Trend Media Corporation Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Trend Media Corporation Limited, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
15E8ACE7893D48738C3506A502AC638D

File PE Metadata
Compilation timestamp:
3/31/2007 11:09:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:6Wbv6DaVwpYYBXxFgWrPkbL9J7crQba0g0IR:6q6mqpzXxFgWrEcrYa1VR

Entry address:
0x32D0

Entry point:
55, 8B, EC, 81, EC, 80, 01, 00, 00, 53, 56, 33, DB, 57, 89, 5D, F4, C7, 45, F8, 70, 91, 40, 00, 89, 5D, FC, C6, 45, EC, 20, FF, 15, 30, 70, 40, 00, 53, FF, 15, 70, 72, 40, 00, A3, F0, 43, 42, 00, 53, 8D, 85, 80, FE, FF, FF, 68, 60, 01, 00, 00, 50, 53, 68, 00, F9, 41, 00, FF, 15, 54, 71, 40, 00, 68, 88, 92, 40, 00, 68, 40, 3B, 42, 00, E8, 06, 28, 00, 00, FF, 15, B4, 70, 40, 00, BE, 00, A0, 42, 00, 50, 56, E8, F4, 27, 00, 00, 53, FF, 15, 08, 71, 40, 00, 80, 3D, 00, A0, 42, 00, 22, A3, 40, 43, 42, 00, 8B, C6...
 
[+]

Entropy:
7.9990

Developed / compiled with:
Microsoft Visual C++

Code size:
22.5 KB (23,040 bytes)

The file flashget3.5.0.1128tw.exe has been seen being distributed by the following 20 URLs.

http://61.219.11.16/f2c4bd985f49c9748062c9653057a657/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/5e9a54fde0947983db347908df43885a/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.63/67d20fb3c6e3ea68427fb038c3c81dc1/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.59/4bb14f877fb044ce407b94546ff78a29/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://dl.softking.tw/435b38c383bea28495f43b8e6825cc92/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/d12040d95ef50b594612c8cd8c61d84a/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/acf9b2585658c0c8fc1e937c4ff8df25/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.63/d1160411bb5ed2eeb8eb8e5d942de9d4/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/f2c4bd985f49c9748062c9653057a657/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.63/f5bbc5783b491a800cc60e5c43e1a605/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/b1b2c93898555d63fe619a9c3359bb24/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/1beafb3efc520721677e15862ca5c10f/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/b1c1c0cb9857794d78a935bde60bffa6/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.63/4bb14f877fb044ce407b94546ff78a29/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/9423d4712f5137d6bb93dbe90377920e/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/786fad7ae7a32738b86327b8d59a60a7/softking/soft/cn/.../flashget3.5.0.1128tw.exe

http://61.222.3.60/fa6ccd57558caa809c85ec977855c690/softking/soft/cn/.../flashget3.5.0.1128tw.exe

Scan flashget3.5.0.1128tw.exe - Powered by Reason Core Security