home

forticlientminisetup-windows-enterprise-5.4.0.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from sslvpn.ladpc.net.il.
MD5:
313f27a6ca33f08bf1bb55671492269d

SHA-1:
bcfcf49f3c2a1829d6306301423e99da98b0708b

SHA-256:
3f81f58ccf5cb5263933e0e990942de9f333a0196051e8d7c7c94a075dd42780

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 12:31:21 AM UTC  (today)

File size:
72 KB (73,728 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\forticlientminisetup-windows-enterprise-5.4.0.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
1536:XDQSDcPimn+VUVwPiVY0I128IhZSt/tUTLtKUpBmskc:kgU7n+VUVwMYtII/SPlCc

Entry point:
86, 11, 2C, 89, 50, 20, 99, 17, 72, 75, AC, 47, 97, FC, FC, 84, 2A, 85, 25, 76, F9, 0A, 2E, 4E, 3F, 10, DF, 33, F3, 33, 32, E0, F0, 6E, 38, 38, 41, C1, 0B, 68, 3C, 89, 79, 30, 8C, 34, 74, AA, 47, 32, C1, 14, 5B, 34, 6F, 34, 34, 0A, E8, 76, 2D, D1, F1, F2, 50, 28, 9E, FE, 20, F6, 02, 89, 72, 40, 8D, F0, CE, 31, 71, 4D, 68, 04, 42, EA, F4, F8, 86, 05, 47, 0E, 6D, 4A, 48, 1A, 4C, A9, 24, C8, 6D, D1, 3E, C8, 04, EC, C3, 89, 7A, 50, 9A, 58, E9, F5, 4F, 6C, 77, 5A, 54, D6, D0, 89, 51, 5C, 3A, 01, 0C, 2E, A5, B5...
 
[+]

Entropy:
7.9193  (probably packed)

The file forticlientminisetup-windows-enterprise-5.4.0.exe has been seen being distributed by the following URL.

https://sslvpn.ladpc.net.il/remote/.../sslvpn_installer?filename=SSLVPNLIMG_WIN32-5-4-0-05004000LIMG03018-00004.00000&imageid=05004000LIMG03018-00004.00000&major=5&minor=4&build=0&osname=WIN32&action=download

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.