home

frostwire-4.21.8.windows.exe

FrostWire

Frostwire, LLC

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
FrostWire Team  (signed by Frostwire, LLC)

Product:
FrostWire

Description:
The Fastest File Sharing Application on Earth

Version:
4.21.8.0

MD5:
a4dde00d671611acc5f3f2212c8889b8

SHA-1:
70568d59c1cdfb7ade43cbc12b7261adc1975909

SHA-256:
3322f253d77fb54e5440836620762f6763380679dae15dd7f9ea78a2eba7ebe0

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 11:21:06 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/OpenCandy
8.9639

Malwarebytes
PUP.Optional.OpenCandy
v2014.04.07.09

File size:
8.9 MB (9,356,416 bytes)

Product version:
4.21.8.0

Copyright:
FrostWire Team 2008

Original file name:
frostwire-4.21.8.windows.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\frostwire\.appspecialshare\frostwire-4.21.8.windows.exe

Digital Signature
Signed by:
Frostwire, LLC

Authority:
Thawte, Inc.

Valid from:
3/24/2011 8:00:00 PM

Valid to:
3/24/2012 7:59:59 PM

Subject:
CN="Frostwire, LLC", O="Frostwire, LLC", L=Miami Beach, S=Florida, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
44C3F732588729CEE94F2CFBD7A7CB44

File PE Metadata
Compilation timestamp:
4/10/2010 8:19:31 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:n4di8DYB+67X0PW71yuXvJQV5RUcAQscxM6NINQDDHnwA5h3:nyiN+6bGo1yqCrUPQK6uuH55V

Entry address:
0x354B

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 
[+]

Entropy:
7.9995

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file frostwire-4.21.8.windows.exe has been seen being distributed by the following 16 URLs.

https://dw.uptodown.com/dwn/BXjrFQXBgH-YUxh-GrXg9-BUVmGAl9JsYtOa7RiS4vsrlnwkyNGDu8oBDuJ2RNSmagdQ1Zzjy6ejismwbHL5LYYqHh8c0yU0GvQNL1VDpbOAyDDXP9jU5hzwSbSWFtN6/njQmo8Rh25AvZ765G4Upc1cHR1qj0al_PHn73Ia7WaqZ6awXfnVYlJsYZW-ukDTT3NcRXn853BVSYXSW8xBIVjrnDZnZA0wsRW6kXgfebWStR8VVdr4TlBpOWMuQLOwi/2-T3HZ5Iv-CEsXOtKVj0bXG1JJU9LynDfsgVaremCdnyBMXuAnrJ2fvhfeN5Pzpk_Hr3zxT_Cl0o-igBcw_O-75eBg95U052JZ4_t2YIjXi1jOTjsv4HHfoZGZJeYW_I/.../

http://filehippo.com/download/file/.../

https://dw7.uptodown.com/dwn/CkT1Kfg6TpcJsWFg1dwRw00ndfpZmBzD2ZCURBoF-Mm_GUr3Vo3Y-kGCR0dFRLyOSDl14Q1nndHMfK4vGtrPk3zC-1gvl_CkbOMiI79sSOSGwtE-52jryZk4FLGSUoVi/Y6UuAqRkFMhU2n7kGZKW_lkbCu0GCWX5xhtrYzg7ycn3Dy_tp0oLbaOxbPhessP3QAuZJTSyIHP7HokxyA-xdi6cMu0wmhvvo43-DLIfVNpvAvgm98D7zFtpsyiM3nbh/jvvpd-uWpmXTVzm7XVy8nJbgAItwWR9Q-wpkEqCQl3_JUZ2fvk61OBBU5rpvplD9O-OZnzq0bphIauqfjRXRjee_wSR5bn0GEB0ByLF6pWEx2BQS_NC-khD5OTnLRmez/.../frostwire-4-21-8-es-en-br-win.exe

https://dw.uptodown.com/dwn/GM1VzaOGQ05EzDK7pV-66IFOLFfHq6Q88SEBB-fzCOxeNzoXFeJ10GyVQatqiiIrZ9LUQENE4BArfImcw2mm7FTNnG14rVDhi6UIjSSLIsmNK44hQQdPoeW7Z_soA7b2/_lzbfE9Vz6NGrEQ5QA0FmIth36o-d_ex-3H3rh7Dsjg9AdRPoDjzprkVWw2_Dnyw5plEyKG2KADKrqvK2g-0r_hhTOg7wh6fD1ruhJhX8G4Es6iwPUdToxUvxege44Rq/lk_z0aaGwusVbJCf9kEnbwmUi1Zv0D5tWzd6jYeQonBELn1fPfljBY4vBcX7qPsR2ldHZGUHCAvG8sFZnT_QWr8zszBDpg_tizbjwyg689MfwNMt8QXEW2pKLA1KJuNV/.../

https://dw.uptodown.com/dwn/alFFaZL0O-c4hS9ReBGZe2LnyF9uYz6ghVMc6ASKuB0goKzRh1wvHiOZvdqpEvlBxFKY893UnOxD9GAe5q7uqa4xhOEdrpqSX_9jDUYpq222rQVLV-EsmIBD4Z8notce/k1LDsVS8l5ZfWqaymqQSumm98amJv6qM-KoSkJnGUpzL71SMIhlkiHroxqpq4DK9y1XSrgPz4CA687NReg2oVMDD3VWg_QDgjLNu26wMB5hG-bkZJaCIo-N1UfIjk33_/eboqhbDKzB3tPgrKeGyZ_ouSx8YtiSRP98-NJY9JLLVfAMw1xvc_JRTZYYKSqyGnI63teO1mx1cg9RsR_jcQCTUbL3hsUOB3qf85mhLVqdql-R0AoGaLY_gv2yfsHma6/.../

https://dw.uptodown.com/dwn/zS4HCrM1Iw687PcivtJeyz-i0kSz4fMumlYgAu-zzgdXXz8EF2ZPfQLsr58d_jm9levXbSp379JbA3aEKfqk-6HlVX5T35qXyIOXHxaR-Td3ez_TsdpcXtAOhLhfCGvS/epk_Bg2T9XmKHT4FyysLdjpW3ca_0pRtSVUizYBiePlTu0IvEQ0iIO5GjoBS9GPamrgJCP-AWXTZnJxSC22UEpfTOXJ8GC2_uyZYBkxlTHOD5MPxroqri1TothSD6SZ7/JB-55YFcwsI3RVVGU1s2yplfPex1pBEmKRmktfW1Etg968OZiiR2UCG0UY3ir7aVEZF6wa6gOI_ZlEp5wA27baC6o-Kz7CgGKEXWBFdIJaWcVZ_pf5zJ0UVWzV--qF1j/.../

http://frostwire.intsoul.com/frostwire-4.21.8.windows.exe

http://dw.en.uptodown.com/dl/1447325261/.../frostwire-4-21-8-es-en-br-win.exe

http://fs36.filehippo.com/4766/.../frostwire-4.21.8.windows.exe

https://dw9.uptodown.com/dwn/ZyIoQPY9CCh-pc0gr93iNHKPZDVCT4UVVTUqggXlq8wqG9Ja2aZ3xnNWpSIgf4Om_bJNPue6voGz5YNpDj_LWbqv55O26V6ybVemA0dqBwBezDZjSk2rMyCNkUt4dPs7/S0UkZbRomcoTQd-CUPzYF6YztS9m6jACtBiAOhVRdCyZxOThuWIb3tXtphg5XeU2KRga0mU5vnij2Ree-v347DOgX4rGIjQ5hravH_tmH-Yfgo_aw0lYz62feMB9fhbb/.../frostwire-4-21-8-es-en-br-win.exe

http://dw1.en.uptodown.com/dl/1402081876/.../frostwire-4-21-8-es-en-br-win.exe

http://dl.frostwire.com/frostwire/.../frostwire-4.21.8.windows.exe

http://newyork1.frostwire.com/frostwire/.../frostwire-4.21.8.windows.exe

http://download.oldapps.com/.../frostwire-4.21.8.windows.exe

http://www.oldapps.com/frostwire.php?app=a4dde00d671611acc5f3f2212c8889b8

http://usfiles.brothersoft.com/internet/.../frostwire-4.21.8.windows.exe

Scan frostwire-4.21.8.windows.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.