» hu2008-setup.exe
Overview
Analysis
File Details
Downloads (8)

hu2008-setup.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from data2.stahnu.cz and multiple other hosts.

File name:

hu2008-setup.exe

MD5:

4e1535cb1171097b8c40e32fcbb085e1

SHA-1:

0af301b1976fc94f9879ad3759a57ae9167d0780

SHA-256:

bc0dcc88580197941fecf8494bccd0c55e323e5964cf2b037fd0dc86b55ba6f7

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/23/2024 6:17:06 PM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Malware.XPACK-LNR/Heur!1.5594

23.00.65.15326

File size:

334.4 MB (350,671,029 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\hu2008-setup.exe

File PE Metadata

Compilation timestamp:

3/31/2007 11:09:55 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6291456:hF+75TvPOtq8gpU2PGVEm+JCbE3U+jmRvnocV8X9K33OMxb9uITDy6M0uUHG8won:hF+9DD8gp+y5JCbkXm9o229gjbDDMoHJ

Entry address:

0x315D

Entry point:

55, 8B, EC, 81, EC, 80, 01, 00, 00, 53, 56, 33, DB, 57, 89, 5D, F4, C7, 45, F8, 30, 92, 40, 00, 89, 5D, FC, C6, 45, EC, 20, FF, 15, 30, 70, 40, 00, 53, FF, 15, 70, 72, 40, 00, A3, D0, F0, 42, 00, 53, 8D, 85, 80, FE, FF, FF, 68, 60, 01, 00, 00, 50, 53, 68, 40, 94, 42, 00, FF, 15, 54, 71, 40, 00, 68, 24, 92, 40, 00, 68, 20, E8, 42, 00, E8, EE, 27, 00, 00, FF, 15, B0, 70, 40, 00, BE, 00, 50, 43, 00, 50, 56, E8, DC, 27, 00, 00, 53, FF, 15, 08, 71, 40, 00, 80, 3D, 00, 50, 43, 00, 22, A3, 20, F0, 42, 00, 8B, C6... 
[+]

Entropy:

7.9790

Developed / compiled with:

Microsoft Visual C++

Code size:

23 KB (23,552 bytes)

The file hu2008-setup.exe has been seen being distributed by the following 8 URLs.

http://data2.stahnu.cz/downloadFile.php?n=aHVudGluZy11bmxpbWl0ZWQtMjAwOF8xLjAuZXhl&s=98nj6m6sjqpg2mhceb357f66b1&r=d2cd44b70ccd65447dfd7175e25bc9be

http://www.laboratorycenterconecpt.com/tLY2ApHTxDMA9jzEPVcna5J_ouaJNuDJ7KKz_gxFAR oE T_Y5J5q870BHc6OIo4UUfTetapcLjXESh9Vo5fGXP0cndCIi1qXfEtIIarb0H2W_jU3zDRRpeytbtSrM uW W oWoMIQosEP7N3YdVFWYdd 61F1qdz85p2_B1O1oKMQiP7C16JzlXNIQsYQzIj9j22v7TpZnG_qufvS2gYJ3hLFUzgZiqqQDsBapWze7wA66kzPqoqvYedhIGkim6NNBTwPcfHJl6qumS1hKchLu19RZcvyL7_e0ZjPhyVgnVcUb03QLmQtj16XW2WbOGtkkiLmy KOg_EgxazX2lRFwHBdG6OT3prc3CL1KcTrU0VfjMSEr9JboJv8AIECPuwLhGbMXt6x93HyGvKhpq5sF0izagbJDPZ7DAvwyT4xzXhtkYJqSA4AlkCIFaA2rqyh_HHqBRBLv5j5jCG_go5Dz4wwAZKXptVG3a7jBXtp9lu _hjE2fs77zSh8asFurxYfgXVi611ol3L5r6wL eKWXaj8rLwSjbWM5UPjhhhZE9L2ePrVRfR8UHZM0gSBMPS_sd0KRXyPRVDXgNPqD9ZWieYWoXVDT04a4k8SWrQOrN44VR3aNjFktKNaObZjb0y M53RaJA59DFDbBX7Qn6ozzOh_dQ==-GykAAAR0Y7E9VoMMjMI9CBtw4FCDDDgQDhtj5_gEK2_cyYgmt1PCSHzKXFY8-e

http://data2.mujsoubor.cz/downloadFile.php?n=aHVudGluZy11bmxpbWl0ZWQtMjAwOF8xLjAuZXhl&s=eiaetpcrtusvuen4ofajgmq326&r=3dbca86ea019b29dac0172cde127a96d

http://www.laboratorycenterconecpt.com/M_lgN0_EfJqJY3PqB1ewoC2X4dD WtxfgGE c116h8QWHCDzEBkxb9t685izbKY0s0lr3gXhT9ZtFn3LW4RiunfMvkD89D9uEHzsChHlI1pCU7v80GLuN77HmjeWNntYqalzz8O7CobyP6DX4c9j4y tV3J6I02XCBJFSYOZ5dDActgRNSXJxEyFSunqYdQ3EMwih9xeW6c6JtKbI WZT_Qkc WqXQ9HGDTv_V3Wqx0PQqJvbqxYj_hgjCb3VClGeyVXJNnqOEkd1bf2bxg1CWmyuWnJBAwiJB1thWBiILxWm3uc5l8XzAeAN9cIpzeUYFjnZJDL7sspbENOP661 9FjTUF3dYC9mEMaJZZ3uX_lKbGyFJCLqnYz5 DViQfS8khji8RZLRi 7FqvUnaLjMW8d4kVUt2qD eBCJqpkeEnz8uYGQom Chc8__OeCm8MYRpP0iFV4LQSuqzSjyGZZx2f381O9qmQsSK71ECfXGyyk5Qwnr 5x5T8DL71Z_y6eB KDiTM078oqsH4TdtIFche Y_diKvETEt4es86IzMIut_b0EdcjbwP9pT5N5B2gT6n58QEkDDdIs4RjMuoUX3Tf6vNzIpv7h_6w1c8SBYie2Az7iKBW28i7 XOqJyO _8L3GfxOGk49YbctGUSmppKloiFw==-GykAAAR0Y7E9VoMMjMI9CBtw4FCDDDgQDhtj5_gEK2_cyYgmt1PCSHzKXFY8-e

http://hunting-unlimited-2008.soft32.com/get/file/id/.../

http://download.informer.com/.../hu2008_setup.exe

http://hu2008.scssoft.com/hu2008_setup.exe

http://hunting-unlimited-2008.software.informer.com/.../

Scan hu2008-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.