home

flvplayersetup-n1tbaub8n.exe

The program is a setup application that uses the Nullsoft Install System installer. The file has been seen being downloaded from www.down1oads.com a known adware distribution point operated by Somoto Ltd..
MD5:
9e0e88f5bd0060e052d3e819db14a0b0

SHA-1:
4804f5b67bdb60da64a62787a8b9b1e619900029

SHA-256:
70ae1b94bd73dab2b5c8c2c85326b84f33b2d918f4de507dbaed65c0d1f91104

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 12:17:50 PM UTC  (today)

File size:
307.4 KB (314,784 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Install System

Common path:
C:\users\{user}\downloads\flvplayersetup-n1tbaub8n.exe

File PE Metadata
Compilation timestamp:
12/17/2010 4:14:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
6144:LJ380o6CCr37+du8xr/359PuWGMY0Zqmi0cF8fyV7K+g8M1gAPc:LF80o6CdE8h/359lG70i0cF8w7RRM1E

Entry address:
0x380C

Entry point:
8D, 0D, E2, B9, 0B, 75, 84, FA, 53, 12, E8, FE, CE, 70, 09, F2, 81, D6, CF, 50, E7, 69, 84, EF, 4A, F2, 55, F2, 4A, 58, 81, EE, 07, 92, 26, 5D, 87, DA, 8D, 15, 9D, CD, DE, 7B, FF, C7, 48, 8A, CC, F2, 0F, AF, FD, 69, F8, 63, B6, E1, 49, F7, C5, 9C, AB, C1, 9A, B3, 18, 8D, 35, B9, 22, AC, DE, E8, 90, 00, 00, 00, 0F, AF, FA, F7, C5, B1, 35, 89, 49, FE, C8, 85, C0, 85, EF, 70, 04, 40, 0F, BE, F7, 81, EA, 8A, B9, 00, 00, 19, FB, 81, EA, C3, 08, 00, 00, 69, CF, D0, 69, 84, FD, 3D, 06, D3, 8B, 2F, 0C, C8, F6, C7...
 
[+]

Entropy:
7.8426  (probably packed)

Code size:
30 KB (30,720 bytes)

The file flvplayersetup-n1tbaub8n.exe has been seen being distributed by the following URL.

http://www.down1oads.com/.../FLVPlayerSetup-N1TbAuB8n.exe

Scan flvplayersetup-n1tbaub8n.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.